I had the same issue with Barclaycard last year as we had previously done our PCI DSS compliance via SecurityMetrics for a flat fee of £11.99 a year. Barclaycard tried to bully us into using their services and in the end it took 5 months of to-ing and fro-ing to get them to mark us as compliant on their system and take us off their mailing list threatening to introduce additional charges for not being compliant! In the end all I have is a verbal promise that these changes have been made as the staff apparently have no facility to send emails or letters to customers. A shambles and an excuse to extort money from customers.

I have today received a letter to my (other) business insisting we use their Data Security Manager and this tells me that they no longer their “preferred security partner” and that we will still have to upload documents via the portal to prove our compliance (even though we’re compliant via SecurityMetrics).

This seems like a means to bully e-retailers into paying a larger monthly fee. We were already in the process of swopping over to WorldPay (who include PCI DSS fees in their package and charge less overall) but this has just confirmed that my decision to move our business is the correct one.

Hopefully more businesses will move away from Barclaycard too.