Skip to main content
[AU] Instant Account Verification (IAV)

Instantly verify bank account access

Updated over a week ago

Note: This article is relevant to merchants integrating with Zepto in Australia.

As part of our KYC requirements to successfully & securely action a Payment Request or Agreement, we must prove that the bank account is accessible by the authorising party.

To do this, we supply a UI that securely receives a customer's online banking credentials and uses them to fetch a list of eligible bank accounts for the customer to select from. This ensures that not only are the bank account details correct but that the customer has access to this bank account.

Customer Data

Security is of the utmost importance โ€“ Zepto does not collect data such as usernames and passwords used to log into your online banking. Please see our Privacy Policy for more information.

  • No caching of requests is performed on our servers

  • We do not capture or store usernames or passwords

  • We utilise the highest standards of encryption

Data Security

During a Zepto transaction, no one can access or see your internet banking login credentials. All communication via Zepto takes place using HTTPS transport level security and no sensitive information is stored (not even cached).

Security Commitment

In order to maintain our high-security standards, Zepto Payments has undertaken the following:

  • We use a proxy server between the customer and the internet banking site, which has advanced security against DNS poisoning and other threats.

  • We have numerous server-side transaction integrity checks to ensure no tampering

  • Our development follows industry-standard secure coding guidelines, such as those recommended by OWASP.

  • Only required personnel have access to the production environment

  • Our physical infrastructure is hosted and managed in an ISO 27001, SOC 1 & SOC 2, PCI Level 1, FISMA Moderate and SOX certified data centre.

  • We conduct behavioural monitoring, vulnerability assessment, SIEM and intrusion detection to detect threats and keep our system safe and secure.

  • Firewalls are utilised to restrict access to systems from external networks and between systems internally.

Feel free to reach out if you have further questions by emailing us directly at or clicking on the green bubble icon from the corner of the screen.

Did this answer your question?