Serious about security

We employ multiple strategies to protect our customer’s assets and information, including data encryption, transport layer security (TLS), periodic security audits and best practice organisation security.

Learn more

We are PCI and GDPR compliant. We utilise military grade AES-256 bit data encryption and use advanced machine learning techniques to recognise suspicious logins, account takeovers and financial fraud.

Incent loyalty Pty. Ltd. (Incent) is registered with AUSTRAC  (ABN 58617123636).

For further information, please do not hesitate to contact us via our help desk or call us on +61 2 8958 0578.

Security FAQ

How secure is the Incent platform?

Our most important priority is your security. And we go to extreme lengths to protect it.
We use military grade AES-256 encryption. Short for Advanced Encryption Standard, it was the first publicly accessible and open cipher approved by the National Security Agency (NSA) to protect information at a “Top Secret” level.

It is now widely-accepted as the strongest encryption there is – and used by governments, militaries, banks and other organisations across the world to protect sensitive data.

How do you protect and store my bank login information?

Your personal information is entered through Secure Socket Layer (SSL), which creates an encrypted connection between your browser and our servers. This information is kept encrypted at all times.

Your bank login credentials are stored securely using multi-layered hardware and software encryption. We only store the information needed to save you the trouble of updating, syncing or uploading financial information manually.

Why do you need my bank login information?

We use this information to establish a secure connection with your bank or service provider. Your bank sends us the information we need to be able to send you rewards.

Can Incent access my accounts?

No, Incent has a strictly “read-only” view of your transaction information in order for us to reward you. We only track eligible spend and cannot access your accounts.

Why do I have to undertake KYC in order to withdraw from the platform?

Compliance is essential for Incent to stay vigilant and ensure that we are adhering to Australian and international regulatory requirements.

In line with our regulatory obligations, we have strict processes in place to minimise the risk that our service may be used for money laundering purposes, or to fund criminal activity. These include:

  • Identification of all our members
  • Monitoring and reporting suspicious transactions
  • Maintaining records for at least seven years
  • Training our staff to recognise suspicious activity, and know what their reporting obligations are.