Alexa metrics
Live Chat

Welcome to UKFast, do you have a question? Our hosting experts have the answers.

Chat Now
Sarah UKFast | Account Manager

Online Payments: New Security Changes

3 March 2016 by Guest

In June of this year, the payments sector will face some major changes that all businesses need to be aware of. First Capital Cashflow, one of the UK’s leading providers of bespoke Bacs processing services that incorporate Direct Debits, shares insights on how to ensure you’re staying safe.

First Capital Cashflow

For any business that sends and receives payments over the internet, which in today’s digital world will be near enough all of them, the security of those payments is a top priority. That’s why the majority will use the Bacs system or Direct Debits to send money to clients and employees and to receive payments, as it’s controlled and protected through strict levels of security.

However, it’s worth noting that the payments sector is undergoing major changes which all businesses should be aware of. In four months’ time, in June 2016, payment security measures will be upgraded. The two big changes will be the upgrade to SHA-256 and TLS 1.1 / TLS 1.2 security, which will be used to protect any payment files that are sent and received by yourselves from external interference and malicious threats.

What is SHA-256?

SHA-25, or Secure Hashing Algorithm, is a piece of software that is brand new to the payments scene. This extremely sophisticated method of internet security is now being adopted by the likes of Google, Microsoft, and the majority of the internet community. Replacing the old SHA-1 software, SHA-256 has a number of security benefits:

  • Basically, SHA-2 ensures that data files have not been tampered with or changed by external sources
  • It does this by using a single line of verifiable code which takes the form of a digital signature
  • It is much stronger than SHA-1 from a cryptographical point of view or, in layman’s terms, it uses a secret coded language to ensure no one can read it. This means that it can be attacked again and again, and puts up a much stronger defence than SHA-1

What is TLS 1.1 and TLS 1.2?

TLS stands for Transport Layer Security, and is used to create a secure connection between both your internet browser and the Bacs Payment Services website, and between your payment software and Bacs.

You may already be familiar with a piece of technology called SSL, or Secure Sockets Layer, which provides protection when payments are being made through the internet. Essentially TLS 1.1 and TLS 1.2 will replace SSL, which is becoming more vulnerable against external threats.

What does this mean for Bacs users?

In June 2016, the security updates mentioned above will come into effect and if your computer’s operating system, your internet browser or the software you use to make payments are not compatible, then you will not be able to collect Direct Debits or make payments to suppliers or staff.

So it is incredibly important that businesses take steps to ensure that they are still protected. For the majority of people, who will use operating systems such as Windows or browsers like Google Chrome, the updates will be taken care of for you by Google or Microsoft.

However, some checks will need to be done on your part to ensure that your Bacs Approved Software is compatible with the new updates. This can just take the form of a simple check with your provider as, for example, if you use a cloud-based Direct Debit system, the update may take place automatically, however this will not be the case for all.

What comes next?

Businesses have four months to ensure that their Direct Debit provider is ready for these security changes. As we mentioned, checking with your provider could be all that you are required to do, but be sure to learn as much as you can about the changes. Given that cashflow is the lifeblood of every business across the world, being unprepared for a payments change like this could cause some serious disruption.

Since starting trading in 2001, First Capital Cashflow has become one of the UK’s leading providers of bespoke Bacs processing services that incorporate Direct Debits. Working with businesses and non-profit organisations, First Capital Cashflow is a Bacs-approved bureau that provides proven solutions designed to help its clients overcome their main financial challenges.