Securing your information is our top priority

  • Boomeringo is a read-only service, no one can move your money

    The read-only nature of Boomeringo ensures that no one can move or deduct money, make purchases from your accounts, not even you. All your finances still lie with your bank, Boomeringo simply accesses information about your accounts making no changes to your bank accounts.

  • Does Boomeringo save my bank credentials on your database?

    We require your online banking credentials to make a onetime connection between your account and your bank, at no point during this transaction we save your online banking credentials on our database. Your bank transactions are accessed via Basiq, an Open Banking API platform based locally in Sydney. Basiq is actively supported by FinTech leaders such as NAB Ventures and Westpac Reinventure.

  • Sensitive information is encrypted!

    No sensitive personal information is stored in plain text format, they are encrypted using complex encryption algorithms and methods.

    Every move is tracked

    From the time someone logs into Boomeringo, that entire session is closely monitored to make sure that all actions within the system are carried out in a controlled environment.

  • Bank-level Security

    Boomeringo uses the same technology that is used by major banks and top financial institutions to ensure that the information travels across Boomeringo is secured. It uses 128-bit encryption secure socket layer (SSL) technology (HTTPS).

  • Every communication sent over a secure, encrypted connection. Data is stored in an encrypted manner using highly complex cryptography methods, encryption keys and several layers of authentication. All information stored in our database is encrypted meaning no one can see that information without the appropriate decryption technologies and relevant keys.

  • Two-Factor Authentication enabled (2FA)

    Two-factor authentication protects your account by requiring you to provide an additional step of authorization, usually a verification code generated and sent to your mobile device.

  • We work with the best in the business

    Routine audits are carried out by the world's largest dedicated web security company; McAfee to verify the security state.
  • Basiq (our syncing provider) places a high priority on maintaining world leading security practices. Some of their practices include:

    - Following industry standard coding guidelines set by OWASP
    - Restricting access to systems by external networks and between internal systems
    - Storing data at rest using 256-bit AES encryption
    - Continuously conducting real time behaviour monitoring, vulnerability assessment, and intrusion detection, and
    - Storing physical information in government certified data centres

  • Our servers are hosted and managed by Bulletproof Mission Critical Cloud platform, who host some of the highly trafficed websites including Movember.com.au, Budget.gov.au, Olympics.com.au, Clemenger just to name a few.