All Collections
Privacy, terms and common questions
Securely connecting your data with Basiq
Securely connecting your data with Basiq

Everything we do to make sure your data is safe.

Ashman Malik avatar
Written by Ashman Malik
Updated over a week ago

We often get questions on whether it's safe to connect your data using Basiq, so we decided to put together some detailed info on how we handle your data.

First thing's first...

Nope, we can't do anything with your money... ๐Ÿ™…โ€โ™€๏ธ๐Ÿ™…โ€โ™‚๏ธ

All data is read-only so we can report on your accounts and transactions but that's it.

No longer need a product/ service? We'll delete your data ๐Ÿšฎ

As long as the product/ service lets us know they don't need your data anymore we'll delete it. We've never sold any data shared by customers and never will.

We don't have access to your logins ๐Ÿšซ

Credentials are stored in AWS data centres in Sydney and Melbourne using AES-256 envelope encryption which means that each connection is encrypted with its own key. Employees have strict access control to data and systems and never have access to shared banking credentials

Yes, we're just as safe as your bank ๐Ÿฆ

Our infrastructure is hosted and managed in an ISO 27001, SOC 1 & SOC 2, PCI Level 1, FISMA Moderate and SOX certified data centre... In layman's terms, your data is stored in the same way as data in the most highly regulated organisations around the world.

Our approach to security

As a company that works with financial institutions, security is at the core of what we do and protecting your data is one of our most important responsibilities.

We understand the sensitive nature of the information we collect and believe you should never have to compromise your privacy in pursuit of a better way to manage your money. This is why we take extensive steps to protect your identity and data via an ISO 27001 certified security program.

When you share your credentials with Basiq, no human ever sees your banking data except for the company that youโ€™ve decided to share it with. We provide a read-only service, in other words, we can report on your accounts and transactions but we canโ€™t make any payments or transfers - so your money is secure.

What data do we collect?

When you give Basiq permission to connect to your bank, we collect information required by the provider of your account or service, such as your login information, transactions, account numbers, and balances as well as general identity data including names and email addresses. This allows you to gain access to powerful financial services and tools and speeds up identity and account verification.

How do we make sure your data is safe?

We are ISO 27001 certified, use the same data centres trusted by the most highly-regulated organisations in the world and are regularly audited and assessed by third parties.

Secure environment

Our physical infrastructure is hosted and managed in ISO 27001, SOC 1 & SOC 2, PCI Level 1, FISMA Moderate and SOX certified data centres based in Sydney and Melbourne.

Restricted Network Access

We use firewalls to restrict access to systems from external networks and between systems internally.

Real-time Monitoring

We conduct behavioural monitoring, vulnerability assessment, SIEM and intrusion detection to detect threats.

Data Encryption

We store data at rest using 256-bit AES encryption and use an SSL/TLS secure tunnel to transfer data between your app and our API.

Secure Development

Our development follows industry-standard secure coding guidelines, such as those recommended by OWASP.

Multi-factor Authentication

Two-factor authentication and strong password controls are required for administrative access to systems.

What are my options when it comes to sharing data?

Right now, the options to share your banking details are either to download and email your official bank statements, which is inconvenient and more vulnerable to fraud - or to grant read-only access to your internet banking through a process known as digital data capture (what Basiq uses).

The Australian government has also begun to roll out the Consumer Data Right in the banking sector, which will allow you to ask for your data to be shared with trusted recipients. The CDR is still in its pilot phase and most banks do not yet offer the option to share your banking data in this way. In the meantime, Basiq will allow you to continue accessing services that help you reach saving goals, budget effectively, get better financial advice and more, in a secure way.

Questions?

Get in touch with our team through the messenger in the right-hand corner ๐Ÿ‘‰

Till next time ๐Ÿ‘‹

The Basiq Team

Did this answer your question?