Suppliers are able to securely and automatically verify their payment details through the Eftsure Bank Link (Yodlee) option where the underlying financial system is leveraged to securely verify the Supplier's nominated Account Name, Account Number and BSB, against the Australian Business Register and Australian Business Numbers.
The Bank Link option leverages the regulated security and compliance controls that financial institutions must adhere to when accounts are opened by business entities, in particular 100 points of identification check that the Australian Government adopted to combat financial transaction fraud by individuals and companies, enacted by the Financial Transactions Reports Act (1988) (FTR Act).
Eftsure leverages the internationally recognised Yodlee solution for our Bank Link Supplier Verification process where Suppliers with appropriate authority to log into their bank, can nominate the account where payments are to be paid into from Customers. The account holder name is cross-referenced against Australian Business Register (ABR) for the respective Australian Business Number (ABN), including registered variations of business name and trading names to the Account Holder details. Yodlee is a global leader in data aggregation, data analytics and consumer-permissioned financial data sharing. Yodlee are also formally accredited for Open Banking by the Australian Competition & Consumer Commission (ACCC) to provide Consumer Data Rights (CDR) data (https://www.cdr.gov.au/find-a-provider?provider=ADRBNK000061). As part of the Yodlee solution, the Supplier logs into the banking portal via Yodlee (or directly into their bank through Open Banking where supported) where user credentials are not saved or stored. This process is also external and not visible to Eftsure where we only receive the nominated account details after the supplier has selected the account to verify.
Eftsure has additionally completed our standard vendor endorsement processes, adhering to both ISO 27001:2022 and SOC 2 standards, where we have vetted the security posture of the Yodlee organisation and solution, including receiving their latest penetration test provided in 2024 where there were no medium/high/critical issues.
Yodlee is also certified to multiple security frameworks including ISO 27001, SOC 2 Type 2 and PCI-DSS. Eftsure has also performed our own, authorised penetration testing against the Yodlee solution through a CREST accredited, independent 3rd party security firm where there have been no medium/high/critical issues identified.