❓ A WA parliamentary question on notice seeks information on online payment systems used by departments under the Minister's portfolio, including security, data storage, costs, and usage.
AnsweredQoN 1212Legislative Assembly
Asked
27 June 2017
Member
Portfolio
Tourism; Racing and Gaming; Small Business; Defence Issues; Citizenship and Multicultural Interests
QuestionView source ↗
Do any of the Minister's portfolio responsibility Departments, Boards, Agencies or corporations operate an online payment system, and if so: (a) What is the URL used to access this payment system; (b) What is the system used for; (c) Since 1 January 2017 have there been any reported online attacks or breaches of these systems; (d) Does the online payment system store any personal data of those who use it: (i) If so, what data is stored and for how long; and (ii) If so, is that data encrypted; (e) Are there any maintenance costs associated with the online payment system: (i) if so, what is the annual maintenance cost; (f) Are there any people dedicated to the administration of the online payment system: (i) If so, what is the job title of those people and their associated salary and entitlements; and (g) How many people have used the system since 1 January 2017?
AnswerView source ↗
Answered
8 August 2017
Responded by
Minister for Tourism; Racing and Gaming; Small Business; Defence Issues; Citizenship and Multicultural Interests
Response time
3 days
Tourism Portfolio
Tourism WA
No
(a-g) Not applicable
Rottnest Island Authority
Yes
(a) The RIA uses payment gateways for all systems which are used to take card payments. These URLs are not published to the web, but are accessed internally by applications and triggered by the payment mechanism.
(b) OPERA – accommodation bookings;
OPERA for Moorings – used for all vessel rental moorings;
Galaxy – used for tourism rentals and some accommodation bookings; and
Bike Rental Manager – for all bike and leisure equipment bookings.
(c) No
(d) Yes, OPERA and Bike Rental Manager.
(i) OPERA retains the data for lengthy periods for Customer Relationship Management: Bike Rental Manager retains the information for an indefinite period, but secured.
(ii) Yes, all credit card information is stored in encrypted format. Personal information is only stored in OPERA, but is secured by two layers of authentication, one for network access and the second with internal access within the application.
(e) Yes
(i) OPERA $53,000 (for the two systems), Galaxy $25,000, Bike Rental Manager $17,000.
(f) Yes
OPERA (both systems)
Galaxy
Bike Rental Manager –
(g) OPERA (accommodation) – 14,389 visitor bookings
OPERA (moorings) – 1904 rented moorings
Galaxy – 41,402 service payments
Bike Rental Manager – 20,438 rental customers
Racing and Gaming Portfolio
Burswood Park Board
No
(a-g) Not applicable
Department of Racing, Gaming and Liquor
Yes
(a) https://portal.rgl.wa.gov.au/ and http://www.rgl.wa.gov.au/home/online-payments
(b) Allows customers to make online payments for applications and financial returns.
(c) None
(d) No personal data is stored.
(i – ii) Not applicable
(e) No
(i) Not applicable
(f) 1 x Level 3 Finance Officer one hour per day.
$73,717 per annum = $37.68/hr
$37.68 x 250 working days = $9,420
(g) 5,213 (up to 27/6/17)
Racing and Wagering Western Australia
Yes
(a) Wagering: www.TABtouch.com.au
Racing: https://www.bpoint.com.au/payments/racingwageringwa
(b) Wagering: Allows customers to deposit money into wagering accounts.
Racing: Allows industry participants to pay licensing, registration and breeding scheme fees.
(c) No
(d) (i-ii) www.TABtouch.com.au – Bet account numbers and customer identification numbers are stored indefinitely.
Data is not encrypted due to highly secured system with restricted and audited access.
https://www.bpoint.com.au/payments/racingwageringwa - No personal data stored.
(e) $56 for BPoint
(i) Not applicable
(f) No
(g) Wagering: 44,269 (up to 27/6/17)
Racing: 185 (up to 3/7/17)
Western Australian Greyhound Racing Association
No
(a-g) Not applicable
Small Business Portfolio
Small Business Development Corporation
(a) payments.smallbusiness.wa.gov.au
(b) For clients to register (and pay if required) for workshops; and make application fee payments under the business migration programme, and for mediation services.
(c) No
(d) Yes
(i) First name, last name, date of birth, email address, phone number; eight years.
(ii) No
(e) Yes
(i) $3135 for security patching.
(f) No
(i) Not applicable.
(g) 2112
Defence Issues Portfolio
Defence West (as part of the Department of Commerce)
In terms of the former Department of Commerce.
No
(a-g) Not applicable
Citizenship and Multicultural Interests Portfolio
Office of Multicultural Interests (as part of the Department of Local Government and Communities)
In terms of the Office of Multicultural Interests only
No
(a-g) Not applicable
Tourism WA
No
(a-g) Not applicable
Rottnest Island Authority
Yes
(a) The RIA uses payment gateways for all systems which are used to take card payments. These URLs are not published to the web, but are accessed internally by applications and triggered by the payment mechanism.
(b) OPERA – accommodation bookings;
OPERA for Moorings – used for all vessel rental moorings;
Galaxy – used for tourism rentals and some accommodation bookings; and
Bike Rental Manager – for all bike and leisure equipment bookings.
(c) No
(d) Yes, OPERA and Bike Rental Manager.
(i) OPERA retains the data for lengthy periods for Customer Relationship Management: Bike Rental Manager retains the information for an indefinite period, but secured.
(ii) Yes, all credit card information is stored in encrypted format. Personal information is only stored in OPERA, but is secured by two layers of authentication, one for network access and the second with internal access within the application.
(e) Yes
(i) OPERA $53,000 (for the two systems), Galaxy $25,000, Bike Rental Manager $17,000.
(f) Yes
OPERA (both systems)
Galaxy
Bike Rental Manager –
(g) OPERA (accommodation) – 14,389 visitor bookings
OPERA (moorings) – 1904 rented moorings
Galaxy – 41,402 service payments
Bike Rental Manager – 20,438 rental customers
Racing and Gaming Portfolio
Burswood Park Board
No
(a-g) Not applicable
Department of Racing, Gaming and Liquor
Yes
(a) https://portal.rgl.wa.gov.au/ and http://www.rgl.wa.gov.au/home/online-payments
(b) Allows customers to make online payments for applications and financial returns.
(c) None
(d) No personal data is stored.
(i – ii) Not applicable
(e) No
(i) Not applicable
(f) 1 x Level 3 Finance Officer one hour per day.
$73,717 per annum = $37.68/hr
$37.68 x 250 working days = $9,420
(g) 5,213 (up to 27/6/17)
Racing and Wagering Western Australia
Yes
(a) Wagering: www.TABtouch.com.au
Racing: https://www.bpoint.com.au/payments/racingwageringwa
(b) Wagering: Allows customers to deposit money into wagering accounts.
Racing: Allows industry participants to pay licensing, registration and breeding scheme fees.
(c) No
(d) (i-ii) www.TABtouch.com.au – Bet account numbers and customer identification numbers are stored indefinitely.
Data is not encrypted due to highly secured system with restricted and audited access.
https://www.bpoint.com.au/payments/racingwageringwa - No personal data stored.
(e) $56 for BPoint
(i) Not applicable
(f) No
(g) Wagering: 44,269 (up to 27/6/17)
Racing: 185 (up to 3/7/17)
Western Australian Greyhound Racing Association
No
(a-g) Not applicable
Small Business Portfolio
Small Business Development Corporation
(a) payments.smallbusiness.wa.gov.au
(b) For clients to register (and pay if required) for workshops; and make application fee payments under the business migration programme, and for mediation services.
(c) No
(d) Yes
(i) First name, last name, date of birth, email address, phone number; eight years.
(ii) No
(e) Yes
(i) $3135 for security patching.
(f) No
(i) Not applicable.
(g) 2112
Defence Issues Portfolio
Defence West (as part of the Department of Commerce)
In terms of the former Department of Commerce.
No
(a-g) Not applicable
Citizenship and Multicultural Interests Portfolio
Office of Multicultural Interests (as part of the Department of Local Government and Communities)
In terms of the Office of Multicultural Interests only
No
(a-g) Not applicable
Explore WA Government Data
Search the full archive in the free dashboard, or query programmatically via API.
Explore more
Government Gazette
Appointments, regulatory notices, planning changes.
Hansard
Debates, questions, speeches and sentiment.
Tabled Papers
Reports and documents tabled in Parliament.
Committees
Committee profiles and recent reports.
Regulations
Subsidiary legislation with filters and summaries.
Bills
Proposed laws and parliamentary progress.
Acts
Current WA legislation and summaries.
Explanatory Memoranda
Bills with EMs (text/PDF) available.
Members
MP profiles, party breakdown and rankings.
Pollie Rankings
Data-driven rankings across 19 categories.
Amendment Chains
Track how schemes and regulations evolve over time.