The short answer: the infrastructure is sound, and the regulation is real, but “safe” depends on which kind of wallet you mean and how you use it. Three points matter more than the rest.
Tokenisation works
Mobile wallets never share your card number with the merchant. A compromised shop terminal can’t replay a tokenised payment the way it can a card swipe. On the security question alone, Apple Pay and Google Wallet are a step up from physical plastic.
Instant payments are irreversible
This is the trade-off Australia accepted when it built the New Payments Platform. Once an Osko or PayID transfer lands, you can’t claw it back. Scammers know this, and PayID impersonation scams climbed sharply through 2024 and 2025. Verify a new payee through a separate channel, and read the name your bank shows you before you confirm.
Stored balances are not bank deposits
Money in a PayPal, Wise, Skrill or Revolut balance is not covered by the Financial Claims Scheme, which protects up to A$250,000 in actual Australian bank deposits. If the provider fails, you are a creditor, not a protected depositor. Hold transactional amounts, not savings.
How to check a provider
Anyone holding customer balances or offering remittance in Australia must register with AUSTRAC, and most also hold an AFSL from ASIC. You can look both up yourself before signing up — we walk through how in KYC and AUSTRAC explained.
A short checklist
- Turn on two-factor authentication on every wallet you hold.
- Never act on a text or email asking you to “verify” or “upgrade” a PayID — those are scams.
- Treat any request to pay a fee to “release” incoming money as fraud.
- Keep wallet balances small; move money to a bank account for anything you want protected.
General information about payment methods available in Australia. Not financial advice. Fees, limits and features change — verify current terms with the provider before acting.