From the 13th June 2016 Bacs will implement SHA-2 and TLS security changes meaning that anyone submitting direct payments will be required to update their Bacs Approved Software Solution (BASS).
What and why?
These security changes are in response to increasingly sophisticated online threats, which have put pressure on the Internet community to tighten their security protocols and standards.
Bacs will adopt SHA-2, a more advanced certification, and will not longer support older connection protocols meaning that only TLS 1.1 and 1.2 will be accepted.
What do you need to do?
What you need to do in response to these changes depends on how you access Bacs services:
Direct Submitter: If you submit directly to Bacs
- Check with your Bacs Approved Software Solution provider that your Bacstel-IP software is compatible (or will be compatible) with SHA-2 SSL certificates and TLS 1.1/1.2 by the 13th June 2016.
- If you access the Payment Services website ensure that the security changes are supported by your browser and operating system.
Please note that existing smartcard, digital certificate and signing solution will be replaced in due course.
Indirect Submitter: If a Bacs Approved Bureau submits on your behalf
- Contact your bureau (a list can be found here) to ensure they are aware of the deadline and the necessary updates.
- If you access the Payment Services website ensure that the security changes are supported by your browser and operating system.
And if I miss the deadline?
Any business that doesn’t respect the deadline for implementing the changes will not be able to access the Bacstel- IP to collect Direct Debits or make direct supplier, expenses or salary payments.
What about SlimPay customers?
SlimPay’s customers don’t have to do anything as we already support SHA-2 SSL certificates and TLS 1.1/1.2.
SlimPay’s system can help you avoid high upgrade charges, safeguard against future unknown upgrade charges as well as providing an improved BACS process and removing most of the manual processes traditionally associated with Direct Debit. Here at SlimPay our vision has always been to take the pain out of collecting recurring payments by making them smarter, safer and simpler. Let us do the hard work for you!
If you have any questions with regards to how the mandatory security changes could affect your business’ payments collection contact us!