HSBC and PCI DSS Compliance

[AJLA]

Does anyone bank with the HSBC?
Process credit card payments with the customer not present?

For those of you that sell over the internet or by phone if you do not use payal but process "CNP" transactions via a merchant teminal do you pay to be PCI DSS Compliant?

I paid (until approx a month ago) an annual fee for this certificate, it was recently due for renewal but at the time we thought we were going to change our merchant terminals from the HSBC to another company whose monthly fee included the certificate so I did not re new.

This morning I have received a letter from the HSBC stating that if do not get this certificate re newed they will charge me a non refundable fee of £50.00 a month:mad:

I know several companies who bank with HSBS who have Freestart Plc websites and process the payments in the same way.

Am I just being unlucky or are these rules becoming more stringent with all banks.

[jennywren]

You need to phone them up because we forgot to pick tick a box, so legal compliance was not completed, they charged us £50.00 their argument is you had enough warnings ( I didn't ) So they phone call save you money because they will still taking the 50.00, I am not with the HSBC, it applies to all terminals, I am sorry I can't explain in depth but they should put you right when you phone Sorry

[gstk]

You need to phone them up because we forgot to pick tick a box, so legal compliance was not completed, they charged us £50.00 their argument is you had enough warnings ( I didn't ) So they phone call save you money because they will still taking the 50.00, I am not with the HSBC, it applies to all terminals, I am sorry I can't explain in depth but they should put you right when you phone Sorry

We had a meeting with the people from Streamline this week. They offer a good solution for internet transactions and chip n pin. at a reasonable cost. the web site is www.cardsave.net might be worth a look. If anyone else is using them I would like to know what you think of them. we currently have a machine through Bank of Scotland which is ok and no PCI extras

[AJLA]

I have heard of Streamline and also think I may have looked into them in the past, can't remember the reason why I did not go with them but there must be one.
I recently had a meeting with Payment sense who thought they were offering great rates, he came and checked out my charges etc and said we were actually on a brill rate and to stick with it.

Oh I remember ..Streamline, someone did pop into the shopfrom there a couple of months ago, he told me that the rates i'm paying are usually only offered to companies with a "much" higher turnover.

Bank of Scotland machine, do you also accept Customer Not Present transactions ?

[jennywren]

i take Customer not present Transactions, scared the life out of me at the start, had all the instruction written down step by step, half my orders come over the phone so it's well worth it

[logobear]

I have been with barclays merchant services for years - no-one beats the deal i get with them.
The PCI DSS compliance is a right PITA.
I have been self certifying, - I don't see why i should pay someone else to tick some boxes, but i must say it is the worlds most user unfriendly form ......
Now i just send a copy of the previous years with a date change !
If I am slow to re cert, Barclays fine me by surcharging me couple of %

[AJLA]

I didn't know that you coul "self cert" Phil. Must Google it, after all i'm just ticking boxes on someones form too and paying for the pleasure of it. They scan my site occasionally and that's it.

[logobear]

securitymetrics are the company that charges for the cert, but they are obliged to provide a self cert option (Self assesment questioneer), - as said - it is an admin PITA but once done, I just re send each year.

[AJLA]

It is securityMetrics I have used in the past, never noticed the self cert option there though, I must have a closer look.

[gstk]

The first form we filled out (It was a pain) and it passed. Every year since then all we have had to do is phone them and state there are no changes and that has been sufficient.