How do we get compliant with Barclaycard Merchant Services?

[Delwyn Griffiths]

We receieved a call this morning from Barclaycard Merchant Services stating that we are longer compliant and having answered a series of questions on how we operate, i.e. I explained that we used a well known bespoke insurance brokers' software system called Open GI which utilised their integrated secure bank card software payment system called CreditLine Plus and which in turn linked automatically with an integrated secure payment gateway named Monek Ltd, I was told that this method was no longer compliant.

 

Us using what they termed as a 'virtual terminal' was acceptable and compliant in respect of accepting payment over the phone, but non-compliant in respect of 'face to face' transactions and they talked about us going back to using card terminals for face to face transactions which to me in theses days of advanced technology was going backwards!

 

Have any othe Opne GI users experienced the same problem and if so, how was it overcome?

What other 'payment solutions' companies do other Open GI users use?

 

[Mark Sollis]

Bore da Delwyn - hope you are well

 

There are a few points here and suspect I'm not close enough to the underlying issues raised by BMS to answer fully. However ...

 

1. Card Not Present (CNP) or Mail Order Telephone Order (MOTO) transactions are specific payment types recognised by merchant services accounts. These carry a higher risk of fraud - and consequently, most service accounts have a higher charge cost per transaction using this method.
2. Conversely, Card Present transactions are more secure and most service accounts have a lower cost per transaction

 

Both methods above are equally "compliant" subject to the underlying methods and processes

 

I suspect the issue is that you are processing all these as CNP and BMS are querying this because it doesn't reflect the method used to take payment. I would need some convincing by a PCI compliance expert that this is actually "non compliant" - more it is just an incorrect use of the service. 

 

What would happen if you asked your customer to go outside and ring back to the office so that you could process them as CNP? Crazy I know ... 

 

I'm not sure whether OGI have a CVV option and/or whether this is available with Monek. But this would be the required F2F process - but may need a separate account from BMS anyway (?)

 

I am sure however, that there are many OGI brokers just like yourselves that do F2F and CNP processing - none of whom use Card Terminals for F2F. Its ridiculous!

 

Can I suggest you speak with OGI in the first instance and ask them how they would respond. Also, ring a few other friendly OGI brokers and see what they do / who the use. Finally, speak to other Merchant service providers direct and ask if they would be happy to have a generic CNP process, even if the customer was in your office.

 

I hope some other users will be able to provide input here - coal face users are the best users

 

Get in touch direct if you need any further input - and do keep us updated on here.

 

Thanks

 

M

[Mark Sollis]

See post here also referring to CNP position from Barclaycard CNP Charges - Barclaycard