Thursday, 22 September 2016

My helpful bank

A long long time ago, I started accepting payments via credit card. Banks hadn't heard of the internet, so they called it "mail order". And what I did, was each week, I printed out all the billing details, onto actual paper, and we took them to my local branch. They signed for the batch, and forwarded the sheaf of paper to I know not where, at which place some poor sod typed it all in. I did offer to give them a floppy disk, but they didn't want that.

It worked quite well, until my bank lost a batch of about £5000 worth. They'd signed for it, but it had gone walkabout somewhere between my bank and wherever they processed it. They didn't notice for several months. At that point, they told me about it, and I suggested that since it was their fault, they should stump up the dosh. Their idea was that I should bill the people again, several months after they were expecting to be billed. I pointed out that this would result in a flood of people querying the billings, and I wasn't going to do it. So they stumped up the dosh.

20 years later, it's all very automated and streamlined. I transmit an encrypted stream of data to their server, they transmit back an encrypted stream of data telling me which cards were OK and which were declined.

But they keep changing it.

Most recently, they insisted that I move to the encryption system TLS 1.2, which I have, although I'd guess that 99% of their customers haven't done that, not least because they provided no test bed; they expected people to make the change and go straight to production, which is OK if you can write software flawless and error-free, but the number of people who can do that can be counted on my left thumb.

And now they've come up with two more hurdles. Now you have to send the AAV (Account holder Authentication Value, and I'm none the wiser for being told what the TLA expands to), or your "transactions will be downgraded to insecure", and I know the translation of that, it means they charge you an extra 0.85% for doing the billing.

And they're also introducing "authorisation decline fees". If an transaction was previously declined as R1 or R3 (and the info that I get back from them doesn't include that) then for every fourth and subsequent transaction request will be billed at 1 euro.

This all comes in a little leaflet "Welcome to Barclaycard business essentials" which is their Bad News Newsletter, with a perky, upbeat introduction by "Sharon Manikon" (in my experience, the people who sign these things often don't actually exist) in which she says "we'll continue to help you achieve your business' ambitions" (and yes, that's where she put the apostrophe, which might actually be correct, but doesn't look right to me - tricky buggers, apostrophes).

A more accurate statement would be "we'll continue to put obstacles in your path, just to make your life more interesting and the bank's business more profitable"

No comments:

Post a Comment