Online businesses in the UK are being warned by Bacs Payment Schemes Limited (Bacs) that they could be locked out of secure websites including those used to make salary payments, if they don’t act to update their systems.
From 13 June, Bacs is adopting the new security, called SHA-2- SSL. At the same time as this change is being made, Bacs will withdraw support for older connection protocols to beef up security between connections.
After 13 June 2016, only TLS 1.1 and 1.2 will be supported, meaning that IT departments professionals who want to access Bacs via Bacstel-IP or the Payment Services website to make or collect payments will need to have a web browser, operating system, and – if used – a Bacs Approved Software Solution that support these changes.
It’s a significant shakeup that could have serious implications for UK businesses which use Bacs to make salary payments, and IT departments which manage back office supplier payments or payment collection by Direct Debit will be affected.
This security update will affect everyone using Bacs to pay their staff and suppliers, or collect payments from customers using Direct Debits. In short, it adds stronger security to the way in which payment files – that contain the individual payment instructions for an employee payroll for example – are submitted for processing by Bacs.
‘The situation requires immediate attention – this really is something you do not want to leave until the last moment or to get embroiled in the inevitable last minute rush to meet the deadline,’ said Ewan Friend, managing director of Data Interchange. ‘If you don’t upgrade your software, you could find that you’re not able to pay your staff and suppliers, or collect payments from customers.’
Organisations that submit payment files directly to Bacs services should contact a Bacs Approved Software Supplier to discuss what steps to take for upgrading your software, advises Friend.
‘This is a critical issue across all industries, reaching down to SME organisations and businesses,’ he said. ‘Whether, you are a golf club, a local gym, an association or a business that makes or collects payments you will naturally want the control over these payments that comes with direct debits – as opposed to standing orders. Without making the necessary software upgrade, people will not get paid and revenues will not get collected – potentially creating a vicious liquidity circle.’
– See more at: http://www.information-age.com/it-management/strategy-and-innovation/123461191/bacs-security-update-it-warned-act-now-or-risk-losing-access-vital-online-payment-services#sthash.FfWq3gZI.dpuf