Jump to content
  • 0

How do we get compliant with Barclaycard Merchant Services?


Delwyn Griffiths

Question

We receieved a call this morning from Barclaycard Merchant Services stating that we are longer compliant and having answered a series of questions on how we operate, i.e. I explained that we used a well known bespoke insurance brokers' software system called Open GI which utilised their integrated secure bank card software payment system called CreditLine Plus and which in turn linked automatically with an integrated secure payment gateway named Monek Ltd, I was told that this method was no longer compliant.

 

Us using what they termed as a 'virtual terminal' was acceptable and compliant in respect of accepting payment over the phone, but non-compliant in respect of 'face to face' transactions and they talked about us going back to using card terminals for face to face transactions which to me in theses days of advanced technology was going backwards!

 

Have any othe Opne GI users experienced the same problem and if so, how was it overcome?

What other 'payment solutions' companies do other Open GI users use?

 

Link to comment

2 answers to this question

Recommended Posts

  • 0

Bore da Delwyn - hope you are well

 

There are a few points here and suspect I'm not close enough to the underlying issues raised by BMS to answer fully. However ...

 

  1. Card Not Present (CNP) or Mail Order Telephone Order (MOTO) transactions are specific payment types recognised by merchant services accounts. These carry a higher risk of fraud - and consequently, most service accounts have a higher charge cost per transaction using this method.
  2. Conversely, Card Present transactions are more secure and most service accounts have a lower cost per transaction

 

Both methods above are equally "compliant" subject to the underlying methods and processes

 

I suspect the issue is that you are processing all these as CNP and BMS are querying this because it doesn't reflect the method used to take payment. I would need some convincing by a PCI compliance expert that this is actually "non compliant" - more it is just an incorrect use of the service. 

 

What would happen if you asked your customer to go outside and ring back to the office so that you could process them as CNP? Crazy I know ... 

 

I'm not sure whether OGI have a CVV option and/or whether this is available with Monek. But this would be the required F2F process - but may need a separate account from BMS anyway (?)

 

I am sure however, that there are many OGI brokers just like yourselves that do F2F and CNP processing - none of whom use Card Terminals for F2F. Its ridiculous!

 

Can I suggest you speak with OGI in the first instance and ask them how they would respond. Also, ring a few other friendly OGI brokers and see what they do / who the use. Finally, speak to other Merchant service providers direct and ask if they would be happy to have a generic CNP process, even if the customer was in your office.

 

I hope some other users will be able to provide input here - coal face users are the best users :)

 

Get in touch direct if you need any further input - and do keep us updated on here.

 

Thanks

 

M

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Posts

    • So #BIBA for Real is back! Anyone else going?    Handy Tip - "Speak to more people you don't know, than those you do know"   You can thank me later - with flowers 🌻 💖
    • "Warning re Sanctions Checks on #OpenGI"   This post is now available in the Public area of the Forum for review and comment 
    • Great to meet back up with the Open GI User Group Committee after soooooo many sessions on remote links   Breaking bread face to face is much more pleasant than a cup-of-soup in between video chats    Exciting times ahead for members and lot's of new stuff coming from Open GI
    • So - what is the point of this ..   Don't tell me even if you say "Yes" - it's actually being ignored?   Why would anyone restrict Sanctions Checks to specific Client / types - let alone specific Capture Page Layouts - SURELY a Yes/No per Client / Contact - and the existing global parameters - covers all the bases. Oh and where in the manual did it not explain this?   Either way - the Yes/No below is at best misleading for operators and at worst - a breach for the business!! Who's picking up that cost ...  
    • So, we find ourselves in modern day unprecedented time.  Governments around the world are applying strict sanctions against Russian companies and individuals and it's being made very clear that action will be taken if those sactions are ignored.   For most of us, this will not be an issue but what if you do have a sanctioned individual or company?  Are you checking?  Are you relying on Open GI Sanctions checking?   First of all, have you got Broker and Prospect Amendment completed under sanctions checking to review Commercial Risks?  Using the Level 1 Contacts on a Commercial master frame will also Sanction check whoever or whatever you put in for review.     However, what about your personal lines clients?  The client level is checked sure, but what about the contacts you've added??  Well, if you're not aware, be aware.  They don't get checked.  So, if you've corrected added a contact for a joint policyholder on a Home policy for example, just hope you've either got them insured in their own right somewhere or that they are not called Abramovich!     The point of Sanctions checking is that you have a record of the checks, in the event of something being highlighted.  Open GI have gone to the trouble of making this work for the Commercial risks but not Personal Lines.   However, your User Group Committee have raised this issue and will continue to apply pressure until something is done.
×
×
  • Create New...