The internet and internet security are moving on, and this could affect access to the service which is used for collecting Direct Debit or making Bacs Direct Credit payments.
A new and more sophisticated level of internet security, known as SHA-2, is being adopted by the likes of Microsoft and Google, and organisations that use Bacs to collect or make payments - including paying salaries and pensions - should make sure they can accommodate this. Failure to do so could result in being unable to access Bacs’ services after 1 June 2016.
At the same time as this change is being made by the internet community, Bacs will withdraw support for older connection protocols to provide even more protection for the communications pipeline between the internet-based service access points, Bacstel-IP and the Payment Services Website, and the service user. After 1 June 2016, only TLS 1.1 and 1.2 will be supported.
It will not be possible to access Bacs via Bacstel-IP or the Payment Services Website after 1 June 2016 if service users do not have in place a web browser, operating system, and - if used - a Bacs Approved Software Solution that support these changes.