• Frequently Asked Questions
  • General

Frequently Asked Questions

Looking for answers about SecurePay?
You've come to the right place.

  • General
  • Transaction Types
  • Apple Pay
  • Dynamic Currency Conversion
  • 3D Secure 2
  • FraudGuard


Showing 1 - 24 of 24 results

A chargeback is received when a cardholder disputes a transaction with their card issuing bank. A chargeback can occur when the merchant has made an error at the point of sale, for example, an expired card has been used. A chargeback can also occur when the cardholder or the Card Issuing Company ("the Issuer") is disputing the transaction. For example, the card or cardholder were not present at the point of sale and possible fraud may have taken place.

You will be sent an email advising of a Request for Information, including the details you need to supply should you wish to dispute the chargeback. Evidence must be submitted within 10 business days.

A cardholder dispute is when a cardholder contacts their card-issuing bank to dispute a transaction processed on their card. The card-issuing bank then contacts the acquirer of the transaction (NAB) who then contact the Payment Facilitator (Australia Post/SecurePay) to forward each dispute to the customer for notification, investigation and resolution. You will need to provide supporting evidence to prove the cardholder authorised the payment they are disputing.

You have 10 days from receiving the notification to provide supporting evidence. The process ends when either an outcome is reached by the card issuer based on evidence provided, the merchant does not respond, or the 45 day time period lapses.

There are methods you can implement to avoid fraudulent transactions such as:

  • SecurePay’s FraudGuard tool - FraudGuard provides you with greater control in detecting fraud. With FraudGuard you can enable a set of transaction rules. If these rules are broken the transaction is declined on the spot.

  • 3D Secure 2 - 3DS2 is SecurePay’s solution to help ensure cardholder authentication and protection against fraudulent transactions. It allows the cardholder’s identity to be authenticated by their bank at the time of purchase.

  • CAPTCHA forms - A CAPTCHA is a program designed to tell the difference between human and machine input. Having a CAPTCHA form on your website can help protect your business from scammers who might try to make fraudulent purchases on your website.

  • Tokenisation - Tokenisation technology replaces credit and debit card numbers with a long string of random numbers. The credit and debit card number is encrypted and stored in an off-site PCI compliant vault that is separate from your data systems. This process makes it more difficult for hackers to gain access to sensitive data outside your tokenisaton system, so it’s a good way to combat the threat of fraudsters.

  • Ship goods to a verified address - Shipping to a verified billing address which has passed postal code and street address checks is always the safest option. When using an address that has not been verified, you cannot prove that the order was shipped to the legitimate cardholder if the payment is later disputed.

You can contact us on 1300 786 756 or support@securepay.com.au

Yes, you can simply log in to our Merchant Login and navigate to Accounts receivable -> Take a payment -> Cards, and complete the form. The transaction will be processed straight away. The authorisation result will be returned by the banking network.

Yes, you can refund transactions through SecurePay. Multiple refunds may be performed on a transaction if the total refunded amount does not exceed the total of the original payment. Refunds can be performed through SecurePay's APIs or online from our Merchant Login facility. Merchants can only refund a payment back to the card used for the original payment.

Yes. SecureBatch allows clients to upload a file of transactions via the Merchant Login.

All SecurePay credit card payments return real-time responses from the card-issuing bank or the SecurePay server. Response codes consisting of 2 digits are returned by the card issuing bank. Response codes consisting of 3 digits are returned from the SecurePay server. Details about each response code returned can be found here: Response Code.

SecurePay allows the processing of Visa (credit and debit), MasterCard (credit and debit), American Express, Diners Club, Apple Pay and JCB. PayPal is also available as a payment method for the SecureFrame and Direct Post integration methods.

Yes. Just as anyone travelling overseas can pay for goods and services with their credit card, any cardholder with an appropriate card may make a payment using SecurePay. The transaction is conducted in Australian Dollars and the foreign currency conversion is then handled by Visa or MasterCard.

The login credentials are used to log in to the SecurePay Merchant Login. They consist of a 3 character Merchant ID (MID), a username and a password. The API credentials are used to identify your SecurePay account when sending payment requests from your website to our payment server. Your API credentials will include a 7 character Merchant ID and an API/Transaction Password.

Yes. The SecurePay payment system can be integrated within a website so that the look and feel is retained. Many of our products allow customisation.

You can be notified of system or provider issues by subscribing to our status page here.

SecurePay can provide a daily report file of transactions processed the previous day. This report can be retrieved via the merchant login or emailed.

For SecurePay Gateway customers, settlement of funds is dependent on your merchant bank. Please contact your merchant bank for more information.

For SecurePay Online Payments customers, settlement of funds into your nominated account will be determined by our internal risk assessment policies. If you do not know your settlement profile, please contact the support team on 1300 786 756 Option 2 or email support@securepay.com.au.

To change your SOP settlement account, please contact the SecurePay accounts team on 1300 786 756 Option 3 or email accounts@securepay.com.au.

For change of settlement bank account details, complete parts 1, 5 and 9 of this form and email it to support@securepay.com.au.

If you do not know your Internet Merchant ID and Internet Terminal ID, please contact your merchant bank for those details.

Yes, we have a sandbox environment accessible to the public. Please see public testing account details below.

Test Merchant Login URL: https://test.login.securepay.com.au/v4/

Merchant ID: ABC

Username: test

Password: abc1234!!

Test integration details

Merchant ID: ABC0001

Test Transaction Password: abc123

The SecurePay test environment has been set up to return a response code equivalent to the cent value of a transaction being processed. For example: Processing a payment for $1.00 (or 100 cents) will return a response code "00 Approved". Processing a payment for $1.51 (or 151 cents) will return response code "51 Insufficient Funds".

Yes, however refunds are not debited directly from your account and instead are debited from your next settlement. If you aren't due to receive another settlement (eg. if you have closed your SecurePay account), you will receive a negative balance notification via email with payment advice.

A negative balance occurs if you complete a refund or experience a chargeback. The reason this is referred to as a 'negative balance' is because SecurePay is covering the cost of the refund/chargeback, rather than it being deducted from your bank account.

If your account goes into negative balance, the next settlement will cover that amount then settle as usual. If no future settlement occurs, your account will remain in a negative balance until this is offset by a future settlement or it is manually paid.

If you have been requested to send data via a secure method, then the following is the SecurePay public PGP key to be used when encrypting data that is to be sent to SecurePay.

Some instructions on using the below key for Linux users.

  1. Copy the key into a file and save it as something like “SecurePayPublicKey.asc” on your Linux server in a temporary location (e.g. /tmp/securepay)

  2. Import the public GPG key:
    gpg --homedir /tmp/securepay --import SecurePayPublicKey.asc

  3. Encrypt the data file:
    gpg --trust-model always --yes --no-tty --batch --homedir /tmp/securepay --recipient support@securepay.com.au --encrypt DATAFILE.TXT

GPG should then create a DATAFILE.TXT.gpg file. You can now send this file to SecurePay via the agreed upon method of transfer.

User ID: SecurePay SFTP <gpg@securepay.com.au>

Version: GnuPG v2.0.22 (GNU/Linux)


We're here to help

Give us a call

Call between 8:00am-8.00pm Mon-Fri (Excluding Public Holidays).

Send us an email

Replies typical from 8:00am-8:00pm Mon-Fri (Excluding Public Holidays).

For all enquiries

For sales and pricing enquiries

Need assistance?

Book an interpreter or get 24-hour calling assistance.

Don't speak English?
Call us via the TIS

Hearing or speech impaired?
Call us via the NRS

Ready to start accepting payments?