give mooore

Linking your credit and or debit cards to your goood account

To gain access to our in-store and additional online partners (and to opt into round ups in 2020) you need to connect your GooodPay account with your credit and or debit card account/s. It's a very simple and secure way to boost your savings and fundraising.


  1. Log in to your Goood Account

  2. Click Add new Card button in the Link your Credit Card block

  3. Select which bank you want to connect with

  4. Enter interent banking credentials and press Submit button

  5. Select which accounts you would like to connect with your Goood Account - you can have more than one

  6. Done!! Whenever you use the credit and/or debit cards associated with that account when paying for goods and services from our reward partners you'll generate Cash Rewards that you can pass onto your nominated beneficiaries and/or set aside for your self.

  7. And YES, you can connect as many different banking institutions to your Goood Account as you wish

Importantly, we do not connect to your bank account, nor directly to your credit/debit card account. We do connect, via your internet banking credentials, to a feed that provides us with READ ONLY transaction information (eg. 2020-07-17 Visa Purchase 15Jul Iga West Pymble West Pymb -8.99 Steven Holland) associated with your connected cards which we match against our participating Reward Partners to generate your Cash Reward.

This functionality is completely handle by Basiq, our FI Aggregator, using similar technolgy as do some well known accounting platforms, with absolutely no internet banking credentials touching our system.

Security Standards

First and foremost, GooodPay doesn't go anywhere near your bank account when connecting it to your Goood Account...we leave that up to our Goood Connections partner, Basiq, whose approach to security is designed to protect both you and us.

Basiq's security approach focuses on security governance, risk management and compliance. This includes encryption at rest and in transit, network security and server hardening, administrative access control, system monitoring, logging and alerting, plus more.

Basiq's physical infrastructure is hosted and managed in a ISO 27001, SOC 1 & SOC 2, PCI Level 1, FISMA Moderate and SOX certified data centre.

Two-factor authentication and strong password controls are required for administrative access to systems.

Firewalls are utilised to restrict access to systems from external networks and between systems internally.

They store data at rest using 256-bit AES encryption and use an SSL/TLS secure tunnel to transfer data between our applications and their API.

Their development follows industry-standard secure coding guidelines, such as those recommended by OWASP.

They conduct behavioural monitoring, vulnerability assessment, SIEM and intrusion detection to detect threats and keep their system safe and secure.