Monday, 31 May 2010

Happenings this week

I'm still working on updating prices - completed the saxophone section this week, which contains a number of fairly hefty price rises for imported music, mostly around £2. I've added a collection which I had unaccountably missed off - Leonard Bernstein for Alto Sax.

This week I finally got around to completing the compliance requirements for the PCI DSS regime which I mentioned a couple of months ago. This is supposed to be about improving security for payments, but as far as I can see it is a paper exercise which will improve revenue for a few companies, to the detriment of retailers.

I use third parties to handle payments - Sagepay and Paypal, two of the really big boys in the arena who have the highest levels of encryption and compliance with the regulations. So I don't keep or process any card details myself - they handle all the security. This is good for me and good for my customers. My payment gateway, Streamline (aka Royal Bank of Scotland) , knows who I use as they handle it, so why do I find myself filling in forms telling them what they already know? Moreover, the forms they sent are written in American English and the instructions in the glossy booklet which tell you how to access and work through the website are inaccurate. The only good thing is that I am allowed to self-assess and avoid paying someone to come and have a look at my computer.

So I've spent several hours complying with this pointless regime, when I could have been doing other things. Are my systems more secure as a result? No, they were already secure to the highest levels in the industry. What difference has all this made to my customers? None. This has to be the very epitome of "red tape"!

No comments: