Paychoice recognizes the important contributions that our customers and the security research community can make. We encourage responsible reporting of problems with our service. We also recognize that legitimate and well-intentioned researchers are sometimes blamed for the problems they disclose.
In order to encourage responsible reporting practices, we promise not to bring legal action against researchers who point out a problem, provided they:
- Share with us the full details of any problem found.
- Research should primarily be done on https://sandbox.paychoice.com.au
If the problem cannot be demonstrated on https://sandbox.paychoice.com.au or https://secure.paychoice.com.au you will not be added to our list of Whitehat Security Researchers
- Do not disclose the issue to others until we’ve had reasonable time to address it.
- Do not intentionally harm the experience or usefulness of the service to others.
- Do not spam us with form submissions which will degrade our customer service experience.
- Never attempt to view, modify or damage data belonging to others.
- Make a good faith effort to avoid data destruction, theft, privacy violations and interruption or degradation of our service.
- Do not seek compensation or reward for the report.
- If you believe you have discovered a problem, please contact us at [email protected].
- If you believe you have discovered a security in any area of our security measures, we ask that you share the information with us first! When you report an issue to [email protected], you can expect the following:
We’ll acknowledge your submission and provide ongoing updates as we investigate.
We may ask for more information or details about the behavior you expect or how you produced your results.
Once an issue has been addressed, we’ll notify you with the appropriate next steps.
Qualifying disclosures will make you eligible for our thanks list of Whitehat Security Researchers
