PayID® makes paying someone as simple as knowing their phone number or email address — no BSBs, no account numbers, no paper trail of sensitive banking credentials shared in a chat. When you combine PayID with QR codes, the process gets even faster: a single scan populates all the payment details automatically, and you just confirm and go.
This guide covers three things: how to pay a vendor using their QR code, how to generate your own QR code to receive payments, and how to set up a PayTo® agreement for automated recurring payments. It also covers the scam types you need to recognise before you use either system in the wild.
Quick Take:PayID + QR codes work across all major Australian banks via their mobile apps. Steps vary slightly by app, but the underlying flow is identical. If you only scan QR codes at trusted physical businesses via your banking app, the process is straightforward and safe. The primary risk is social engineering — scammers using PayID’s name — not the technology itself.
What Is PayID?
PayID is an address layer built on Australia’s New Payments Platform (NPP). Instead of sharing a BSB and account number to receive a payment, you register an identifier — your mobile number, email address, or ABN — and link it to your bank account. According to Australian Payments Plus (AP+), the organisation responsible for managing PayID, you can register multiple PayIDs per account and transfer a PayID to a different bank at any time without changing your identifier.
Payments sent via PayID travel through the NPP and typically settle within seconds — 24 hours a day, 7 days a week, including public holidays. The key verification step is the confirmation screen: before you authorise any payment, your banking app displays the registered name of the PayID holder. If the name displayed does not match the person or business you intend to pay, stop the transaction and verify directly.
While PayID is primarily used for everyday transfers and business payments, it is sometimes referenced in broader payment ecosystems, including platforms like a casino with a PayID account, where fast bank-based transactions are part of the user experience. However, always verify the legitimacy and regulatory status of any platform before using PayID outside standard banking contexts.
How to Pay a Vendor Using Their QR Code
When a business accepts QR payments, they will present either a dynamic QR code (generated specifically for your transaction, with the amount pre-loaded) or a static QR code (a fixed code that encodes their payment details only). The scanning process is the same either way — what differs is whether you need to enter the amount manually.
Using a Dynamic QR Code (amount pre-loaded)
- Ask the vendor for your bill. They will present a QR code — either printed, or displayed on a device screen.
- Open your banking app.
- Navigate to the payments or transfer section — typically labelled Pay, Send Money, or Transfer.
- Select Scan QR or QR Code from the payment options. (Exact label varies by app — CommBank labels this within the Pay tab; other major banks follow a similar structure.)
- Allow the app to access your camera and hold the QR code in frame until it scans.
- The app will populate the recipient’s PayID details and payment amount automatically.
- Review the confirmation screen carefully — check the recipient name matches the business you are paying, and that the amount is correct.
- Tap Pay Now or Confirm. Payment settles typically within seconds via the NPP.
Using a Static QR Code (enter amount manually)
A static QR code encodes the vendor’s PayID details only — not a specific transaction amount. Some small businesses and market stalls use these because they do not require a point-of-sale system to generate. The steps are identical to the above, except after scanning you will see an amount field left blank. Enter the correct amount from your bill, verify the recipient name on the confirmation screen, and proceed.
As Stripe’s guide to QR code payments in Australia notes, dynamic QR codes are preferred at higher-volume retail settings because they remove the manual entry step and reduce the risk of keying the wrong amount.
How to Generate Your Own QR Code to Receive a Payment
You do not need a business account to create a personal QR code. Most major Australian banking apps include this feature in the same payments section used for sending money. The generated QR code encodes your PayID — the person scanning it will see your registered name before they confirm, but not your account number or BSB.
- Open your banking app and go to the Payments or Transfer section.
- Look for a Receive or Request Money option, often alongside the QR scan feature.
- Select Generate QR Code or My QR Code.
- You can optionally enter a specific amount if you want the payer to see a pre-filled figure.
- Display or share the QR code for the other person to scan via their banking app.
This is particularly useful in peer-to-peer situations — splitting a bill, accepting payment for a private sale, or collecting money at community events — where sharing your BSB and account number in a message thread creates unnecessary exposure.
How to Set Up a PayTo Agreement via QR Code
PayTo® is a separate but related payment mechanism built on the same NPP infrastructure as PayID. Where PayID is used for you to initiate a one-off payment, PayTo allows an authorised third party — a subscription service, a gym, a utility provider — to initiate payments from your account on a schedule you have pre-approved. It is a more transparent, controllable replacement for traditional direct debits.
According to AP+’s official PayTo documentation, PayTo agreements are authorised and managed entirely within your online banking — giving you a central place to view, pause, and cancel any active agreement. By mid-2025, more than 90% of Australian bank accounts were PayTo-enabled across the major four banks and over 60 other institutions.
Setting Up a Recurring PayTo Agreement via QR
- Open the third-party app or website for the service you are subscribing to (a gym membership, streaming service, or similar).
- When presented with a PayTo QR code at checkout or in the app, scan it using the service’s app — not your banking app.
- You will be prompted to create a PayTo agreement, specifying your PayID or BSB/account number, and the agreed payment terms (amount, frequency, start and end dates).
- Switch to your banking app. A pending PayTo agreement will be waiting for your authorisation — typically found under Payments → PayTo or Manage Agreements.
- Review the terms carefully — amount, frequency, and the authorised party — before approving.
Managing or Cancelling a PayTo Agreement
Unlike a traditional direct debit, which often requires you to contact the merchant to cancel, PayTo agreements can be paused or cancelled directly in your banking app at any time — without contacting the third party. Go to Payments → PayTo Agreements (or the equivalent in your bank’s app), select the agreement, and choose Pause or Cancel. The change takes effect immediately. This is also where you should periodically review any active agreements, particularly after cancelling a subscription service.
How to Verify a PayID Before You Pay
The most important safety mechanism in the PayID system is one that users often skip: checking the name on the confirmation screen before approving any payment. This check is built into every PayID transaction and is your primary protection against misdirected payments.
- After scanning or entering a PayID, your app will retrieve and display the registered account holder’s name before you confirm. This happens automatically — do not proceed if the name does not match.
- For vendor QR payments: the name displayed should match the trading name of the business on your bill or signage. A mismatch is a red flag — ask the vendor to clarify before proceeding.
- For peer-to-peer payments: confirm the displayed name verbally with the recipient before approving. A single-character difference in a name can indicate a scam account.
- Never approve a PayID payment from a stranger’s instructions. If you did not initiate the scan and no one has physically shown you a QR code in person, do not scan it.
QR Code and PayID Scams — What to Watch For
CHOICE’s investigation into how criminals exploit the PayID system identifies several recurring scam patterns that every user should recognise:
- Fake “upgrade” scam: A buyer on Facebook Marketplace or Gumtree claims your PayID account needs to be “upgraded” to receive their payment. PayID has no such upgrade mechanism. This is always a scam. Legitimate PayID transactions require no upgrades, fees, or special activations.
- Quishing (QR phishing): A QR code sent via email, shared in an ad, or placed over a legitimate QR code in a public space links to a fraudulent payment page or a credential-harvesting site. Never scan QR codes from unsolicited emails, unknown websites, or physical locations where the code looks tampered with or overlaid.
- Fake PayID emails: Scammers send emails impersonating AP+, your bank, or PayID claiming there is an account issue that requires immediate action. AP+ and your bank will never ask you to verify your PayID by clicking an emailed link.
- Fake payment confirmation screens: In buy/sell scams, a fraudster sends you a fake screenshot of a “payment sent” confirmation. Payments appear in your account — not in a screenshot. Do not release goods until you see funds in your account balance.
Westpac’s PayID security guidance adds: if a buyer offers a price suspiciously higher than your asking price and insists on using PayID while requesting you perform any additional steps — stop all contact and report it to Scamwatch at scamwatch.gov.au.
Troubleshooting Common Issues
- QR scan not working in my banking app: Ensure your app has camera permission enabled (check your phone’s Settings → Apps → [Bank app] → Permissions). Also confirm you are running the latest version of the app — QR scan features are part of regular banking app updates.
- PayID not found after scanning: The QR code may encode a BSB and account number rather than a PayID. In this case, your app will prompt you to enter payment details manually instead.
- Name on confirmation screen does not match: Do not proceed. Contact the vendor directly and ask them to verify their PayID registration. A mismatch most commonly means a recently changed banking arrangement — but it can also signal fraud.
- PayTo agreement not appearing in my banking app: Some banks were slower than others to enable the PayTo management interface. Check for a pending app update first. If the agreement is still absent, contact your bank’s customer support directly — do not re-initiate the agreement until you have confirmed what happened to the first one.
- Payment showing as pending rather than completed: NPP payments typically settle within seconds, but occasional processing delays occur. Allow up to a few minutes before contacting the recipient or your bank. If it has not cleared within an hour, contact your bank.
Safety Checklist
- Always check the name on the PayID confirmation screen before approving any payment
- Only scan QR codes presented in person by the vendor or business — not codes from emails, ads, or pop-ups
- Confirm the amount displayed matches your bill before tapping confirm
- Never proceed if a buyer or stranger asks you to “upgrade” your PayID
- Review active PayTo agreements in your banking app every few months
- Cancel PayTo agreements for services you no longer use — do not rely on the merchant to cancel
- For private sales, only release goods after the payment appears in your account balance — not from a screenshot
- If something feels wrong, stop and call your bank before proceeding
Frequently Asked Questions
Can I use PayID QR codes with any Australian bank?
Most major Australian banks and credit unions support PayID, and the vast majority support QR code payments within their mobile apps. The interface varies by institution — CommBank, ANZ, NAB, Westpac, and most digital banks all have QR scan functionality in their payment sections. If your bank supports PayID but does not yet offer a QR scan option, you can still pay via PayID by entering the recipient’s identifier manually. Check your bank’s app update notes or support pages for the most current feature availability.
Is there a fee for using PayID or QR payments?
For personal account holders at most Australian banks, PayID payments via the NPP are fee-free. Business accounts may incur transaction fees depending on their banking plan and payment volume. Always check your specific account terms — fee structures vary between institutions and account types.
What is the difference between PayID and PayTo?
PayID lets you initiate a one-off payment to someone by scanning their QR code or entering their identifier. PayTo lets a pre-authorised third party — a business you’ve subscribed to — initiate a payment from your account on a schedule you’ve approved in advance. Think of PayID as you pulling money out and sending it; PayTo as giving a merchant a time-limited key to pull an agreed amount on an agreed schedule — with you able to revoke that key at any time through your banking app.
Can I use a PayID QR code to pay without having my phone?
No. QR code payments via PayID require your banking app and a device with a working camera. There is no fallback QR payment process from a web browser or physical card. If you do not have your phone, you can pay using a standard BSB and account number transfer via internet banking, or via EFTPOS if the merchant offers it.
How do I know if a QR code is safe to scan?
A QR code is safest to scan when it is presented physically by the vendor, printed on an official receipt or signage, and scanned using your banking app rather than a general QR scanner. Never scan a QR code you received in an unsolicited email, found in an online ad, or that appears to be stuck over an existing code on a payment terminal. Before scanning any unfamiliar code, inspect the physical sticker or printed material for signs of tampering.
Can I use PayID with international payments?
PayID is a domestic Australian payment system — it operates on the NPP, which processes transactions between Australian bank accounts only. It cannot be used to send or receive funds to or from international accounts. For international transfers, you would use SWIFT, a service like Wise, or your bank’s international transfer option separately.
What should I do if I sent a PayID payment to the wrong person?
Contact your bank immediately. Banks have a scam and mistaken payment process — under the Australian Banking Association’s scam guidelines, your bank is obligated to assist you in attempting to recover the funds. Recovery is not guaranteed, particularly if the recipient has already withdrawn the money, but acting quickly improves the odds. Do not contact the unintended recipient directly before speaking to your bank.
Can I set up multiple PayTo agreements for different services?
Yes. You can hold multiple active PayTo agreements simultaneously — one for a gym, one for a streaming subscription, one for a utility, and so on. Each agreement is individually viewable, pauseable, and cancellable in your banking app’s PayTo management section. There is no fixed cap on how many agreements you can hold, though this may vary by institution. Reviewing them periodically is good practice, especially after cancelling a service subscription.
💬 Comments