Designed for Trust: iGoDirect’s Commitment to Security and Compliance

iGo takes security seriously

In today’s fast evolving digital payments environment, security and compliance are at the heart of iGo’s operations. Powering the True Rewards digital Visa cards and card platform, iGoDirect carries the responsibility of protecting businesses, cardholders and the broader financial ecosystem through rigorous security controls and regulatory compliance. 

The infrastructure behind the True Rewards platform supports every transaction, card issuance and payment interaction while meeting strict operational, security and compliance standards.

Why Security and Compliance Matter 

Prepaid and stored-value card products are targets for fraud and financial crime if not properly managed. As an Australian Financial Services Licence (AFSL) holder, iGoDirect operates under strict Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) obligations and embedding compliance into every stage of the card lifecycle, from onboarding to transaction monitoring and reporting is crucial. 

Security and compliance are not standalone functions. We build them into the design of the platform’s design to reduce risk, prevent misuse and ensure ongoing trust. 

Regulatory Compliance at the Core 

iGoDirect built the True Rewards platform with compliance embedded throughout the entire card lifecycle, from onboarding and issuance through to redemption, reconciliation and reporting. 

The platform supports key compliance obligations including: 

  • Customer identification and verification (KYC)  
  • Business identification and verification (KYB)
  • Transaction monitoring  
  • Risk-based controls on card issuance and stored value  
  • Record-keeping and audit trails  

These obligations directly influence how we implement and maintain controls, monitoring systems and platform security measures. 

As cyber threats continue to evolve, iGoDirect continues to invest in platform hardening, monitoring and automation to ensure the True Rewards infrastructure remains secure, resilient and compliant. 

Independent Security Validation 

Beyond internal controls and ongoing platform hardening, iGo Group regularly engages independent security experts to validate the resilience of the True Rewards platform. 

To validate our security posture, we engaged a leading AI powered penetration business to conduct a full white-box penetration test, simulating real-world attack scenarios. 

While the initial test identified findings (as expected), our team resolved 100% within 24 hours — far exceeding the standard 60-day remediation window. Using modern engineering practices, fixes were deployed in hours, not weeks. 

The retest results were clear: 

  • Zero critical, high, medium or low vulnerabilities 
  • Confirmation of a strong security posture 

This demonstrates both the strength of our platform and the speed of our engineering capability. 

Built for Scale, Built for Trust 

Independent security experts validated the platform’s architecture as secure and scalable and our development approach enables rapid response to emerging risks. 

Third-party testing like this provides clients with real confidence: the True Rewards card issuing platform is not only compliant but has also passed rigorous external scrutiny. 

Looking Ahead 

iGo continues to invest in automation, monitoring and scalable compliance infrastructure to support growing demand for enterprise-grade payments, incentives and rewards programs. 

Our Commitment 

Security and compliance are built into everything we do. As threats and regulations evolve, iGo remains committed to continuous improvement — delivering secure, trusted and scalable digital payment experiences.