{"id":3101,"date":"2016-02-08T03:29:42","date_gmt":"2016-02-08T03:29:42","guid":{"rendered":"https:\/\/raizinvest.com.au\/investors\/using-your-internet-banking-details-with-raiz\/"},"modified":"2020-10-28T02:21:07","modified_gmt":"2020-10-28T02:21:07","slug":"using-your-internet-banking-details-with-raiz","status":"publish","type":"post","link":"https:\/\/raizinvest.com.au\/investors\/blog\/using-your-internet-banking-details-with-raiz\/","title":{"rendered":"Using Your Internet Banking Details With Raiz"},"content":{"rendered":"
\"image\"<\/figure>\n

We\u2019ve received a lot of questions regarding
\nthe legality of submitting one\u2019s personal bank login details to Raiz in order
\nto use our Round-Ups feature, so we thought we would try to explain the
\nePayments Code, which the Australian Securities & Investment Commission
\n(ASIC) administers on behalf of its subscribers, the banks and institutions. To
\nsee if your financial institution is a subscriber, you
\ncan view a list on ASIC\u2019s website.<\/a><\/span><\/p>\n

We recommend you keep reading, but if
\nyou can\u2019t be bothered with the legal mumbo jumbo, here\u2019s the take home message:<\/i><\/p>\n

Having researched ASIC\u2019s ePayments code, we can tell you
\nthat using your internet banking login details with Raiz should not void any
\nterms and conditions with your bank. <\/b><\/p>\n

\u00a0<\/b><\/p>\n

To quote ASIC\u2019s site directly:<\/b><\/p>\n

“Almost all banks, credit unions and building societies
\nin Australia are subscribers to the ePayments Code. Other providers of consumer
\nelectronic payment facilities such as PayPal have also subscribed to the code.<\/i><\/p>\n

Among other things, the ePayments Code:<\/i><\/p>\n

\u00b7
\nrequires subscribers to give consumers clear and unambiguous terms
\nand conditions,<\/i><\/p>\n

\u00b7
\nstipulates how terms and conditions changes (such as fee increases),
\nreceipts and statement need to be made<\/i><\/p>\n

\u00b7
\nsets out the rules for determining who pays for unauthorised
\ntransactions, and;<\/i><\/p>\n

\u00b7
\nestablishes a regime for recovering mistaken internet payments.”<\/i><\/p>\n

Most of the questions we have received come
\nfrom customers who believe that entering one\u2019s login details into the Raiz app will make
\nthem liable for any losses in their account. This is false.<\/b><\/p>\n

Entering banking login details into the
\nRaiz app to create round-up opportunities will not see you become liable for unauthorised transactions because:<\/p>\n

(a) the user expressly
\nappoints Raiz and Yodlee to collect information on the user\u2019s behalf only (i.e. Raiz and Yodlee have \u201cread only\u201d access to the user\u2019s bank account.
\nThey cannot effect
\ntransactions<\/b>); and<\/p>\n

(b) Raiz and Yodlee
\nprotect the data using encryption and bank standard security measures to keep
\nit safe.<\/p>\n

Raiz uses industry-standard security like
\n256-bit SSL encryption of sensitive information, redundant backups, and
\ndisaster recovery planning. Even in the incredibly unlikely event that all
\nthese measures fail, customers of Raiz are insured against fraud &
\ncyber-crime. This insurance does not invalidate the liability of your financial
\ninstitution, so you are protected against liability and loss.<\/p>\n

In conclusion, Raiz and its use of a
\ntransaction aggregator to retrieve round-ups on your behalf, we believe, is in compliance
\nwith ePayments Code as outlined by ASIC. You will not be forfeiting any
\nprotection by using your online login with Raiz. Stay safe out there, and
\ncontinue to be smart about with whom you share your sensitive information.<\/p>\n

We appreciate your trust and loyalty. We
\npromise never to abuse it.<\/p>\n

Source:
\n<\/b>ePayments Code \u2013 <\/b>http:\/\/asic.gov.au\/for-consumers\/codes-of-practice\/epayments-code\/<\/a><\/span><\/b><\/p>\n

 <\/p>\n

Relevant excerpts below:<\/h3>\n

unauthorised
\ntransaction<\/b> means a transaction that is not
\nauthorised by a user<\/p>\n

\u2026<\/p>\n

9 Scope Transactions not authorised by a
\nuser<\/p>\n

9.1 This Chapter applies to unauthorised
\ntransactions. It does not apply to any transaction that is performed by a user
\nor by anyone who performs a transaction with the knowledge and consent of a
\nuser.<\/p>\n

\u2026<\/p>\n

10 When holder is not liable for loss<\/p>\n

10.1 A holder is not liable for loss arising
\nfrom an unauthorised transaction if the cause of the loss is any of the
\nfollowing:<\/p>\n

(a) fraud or
\nnegligence by a subscriber\u2018s employee or agent, a third party involved in
\nnetworking arrangements, or a merchant or their employee or agent,<\/p>\n

(b) a device, identifier
\nor pass code which is forged, faulty, expired or cancelled,<\/p>\n

\u00a9 a
\ntransaction requiring the use of a device and\/or pass code that occurred before
\nthe user received the device and\/or pass code (including a reissued device
\nand\/or pass code),<\/p>\n

(d) a transaction
\nbeing incorrectly debited more than once to the same facility, and<\/p>\n

(e) an
\nunauthorised transaction performed after the subscriber has been informed that
\na device has been misused, lost or stolen, or the security of a pass code has
\nbeen breached.<\/p>\n

10.2 A holder is not liable for loss
\narising from an unauthorised transaction that can be made using an identifier
\nwithout a pass code or device. Where a transaction can be made using a device,
\nor a device and an identifier, but does not require a pass code, the holder is
\nliable only if the user unreasonably delays reporting the loss or theft of the
\ndevice.<\/p>\n

10.3 A holder is not liable for loss
\narising from an unauthorised transaction where it is clear that a user has not
\ncontributed to the loss.<\/p>\n

\u2026<\/p>\n

12 Pass code security requirements<\/p>\n

Pass code security<\/p>\n

12.1 Clause 12 applies where one or more
\npass codes are needed to perform a transaction.<\/p>\n

12.2 A user must not:<\/p>\n

(a) voluntarily
\ndisclose one or more pass codes to anyone, including a family member or friend,<\/p>\n

(b) where a
\ndevice is also needed to perform a transaction, write or record pass code(s) on
\na device, or keep a record of the pass code(s) on anything:<\/p>\n

(i) carried with
\na device, or<\/p>\n

(ii) liable to
\nloss or theft simultaneously with a device, unless the user makes a reasonable
\nattempt to protect the security of the pass code, or<\/p>\n

\u00a9 where a
\ndevice is not needed to perform a transaction, keep a written record of all
\npass codes required to perform transactions on one or more articles liable to
\nbe lost or stolen simultaneously, without making a reasonable attempt to
\nprotect the security of the pass code(s).<\/p>\n

12.3 For the purpose of clauses
\n12.2(b)\u201312.2\u00a9, a reasonable attempt to protect the security of a pass code
\nrecord includes making any reasonable attempt to disguise the pass code within
\nthe record, or prevent unauthorised access to the pass code record, including
\nby:<\/p>\n

(a) hiding or
\ndisguising the pass code record among other records,<\/p>\n

(b) hiding or
\ndisguising the pass code record in a place where a pass code record would not
\nbe expected to be found,<\/p>\n

\u00a9 keeping a
\nrecord of the pass code record in a securely locked container, or<\/p>\n

(d) preventing
\nunauthorised access to an electronically stored record of the pass code record.
\nThis list is not exhaustive.<\/p>\n

12.4 A user must not act with extreme
\ncarelessness in failing to protect the security of all pass codes where extreme
\ncarelessness means a degree of carelessness that greatly exceeds what would
\nnormally be considered careless behaviour.<\/p>\n

Note 1: An example of extreme carelessness
\nis storing a user name and pass code for internet banking in a diary,
\nBlackBerry or computer that is not password protected under the heading
\n\u2018Internet banking codes\u2019.<\/p>\n

\u2026<\/p>\n

12.9 Where a subscriber expressly or
\nimplicitly promotes, endorses or authorises the use of a service for accessing
\na facility (for example, by hosting an access service on the subscriber\u2019s
\nelectronic address), a user who discloses, records or stores a pass code that
\nis required or recommended for the purpose of using the service does not breach
\nthe pass code security requirements in clause 12.<\/p>\n

Note 1: For example, if a subscriber
\npermits users to give their pass code(s) to an account aggregator service
\noffered by the subscriber or an associated company, a user who discloses their
\npass code(s) to the service does not breach the pass code security requirements
\nin clause 12.<\/p>\n

13 Pass code security guidelines<\/p>\n

13.1 A subscriber may give users guidelines
\non ensuring the security of devices and pass codes in their terms and conditions
\nor other communications.<\/p>\n

13.2 Guidelines under this clause must:<\/p>\n

(a) be
\nconsistent with clause 12,<\/p>\n

(b) clearly
\ndistinguish the circumstances when holders are liable for unauthorised
\ntransactions under this Code, and<\/p>\n

\u00a9 include a
\nstatement that liability for losses resulting from unauthorised transactions
\nwill be determined by this Code, rather than the guidelines.<\/p>\n

\u2026<\/p>\n

15 Network arrangements<\/p>\n

15.1 In clause 15:<\/p>\n

merchant
\nacquirer<\/b> means a subscriber that provides a service
\nto merchants that enables them to accept\/receive electronic payments<\/p>\n

party
\nto a shared electronic payments network<\/b> includes
\nretailers, merchants, communications services providers and other organisations
\noffering facilities, merchant acquirers and subscribers<\/p>\n

15.2 A subscriber must not avoid any obligation
\nowed to users under this Code on the basis that:<\/p>\n

(a) it is a
\nparty to a shared electronic payments network, and<\/p>\n

(b) another
\nparty to the network caused the failure to meet the obligation.<\/p>\n

15.3 A subscriber must not require a user
\nwho is their customer to:<\/p>\n

(a) raise a
\ncomplaint or dispute about the processing of a transaction with any other party
\nto a shared electronic payments network, or<\/p>\n

(b) have a
\ncomplaint or dispute investigated by any other party to a shared electronic
\npayments network.<\/p>\n

 <\/p>\n

\n

 <\/p>\n

Don\u2019t have the Raiz App?<\/h3>\n

Download it for free in the App store or the Webapp below:<\/p>\n

\n
\"download-raiz-app\"<\/a>
Click to download the Raiz app<\/a><\/figcaption><\/figure>\n

 <\/figure>\n

Important Information<\/strong><\/span><\/em><\/p>\n

The information on this website is general advice only. This means it does not take into account any person\u2019s particular investment objectives, financial situation or investment needs. If you are an investor, you should consult your licensed adviser before acting on any information contained in this article to fully understand the benefits and risk associated with the product.<\/em><\/p>\n

A Product Disclosure Statement for Raiz Invest and\/or Raiz Invest Super are available on the Raiz Invest website and App. A person must read and consider the Product Disclosure Statement in deciding whether, or not, to acquire and continue to hold interests in the product. The risks of investing in this product are fully set out in the Product Disclosure Statement and include the risks that would ordinarily apply to investing.<\/em><\/p>\n

The information may be based on assumptions or market conditions which change without notice. This could impact the accuracy of the information.<\/em><\/p>\n

Under no circumstances is the information to be used by, or presented to, a person for the purposes of deciding about investing in Raiz Invest or Raiz Invest Super.<\/em><\/p>\n

Past return performance of the Raiz products should not be relied on for making a decision to invest in a Raiz product and is not a good predictor of future performance.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

We\u2019ve received a lot of questions regarding the legality of submitting one\u2019s personal bank login details to Raiz in order to use our Round-Ups feature, so we thought we would try to explain the ePayments Code, which the Australian Securities & Investment Commission (ASIC) administers on behalf of its subscribers, the banks and institutions. To […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false},"categories":[1],"tags":[],"yst_prominent_words":[1243,1244,1235,1241,1237,1245,1239,1240,1234,1247,1236,1229,1230,1231,1232,82,1246,1242,1238,1233]}