Wednesday, 3 February 2010

VBA Ltd not PCI compliant!

OK, they are going to finally refund the £35 court fees as well.

However they needed my card details to do the refund.
I said they must have them already.
They said no!
I said "but you refunded the original amount"
He insisted that they must have contacted me for the details to do that (they did not) as they cannot hold the card details for PCI compliance.

That would suggest that as they refunded me without asking card details then they are not PCI compliant. I said that to him and he did not really know what to say!

Well, we'll see if the £35 arrives. What fun.


  1. well done. shame about the short lived lesson for you though. :-)


  2. PCI compliance states you can keep a copy of the card details, however not the CVV number.

    I would also be surprised if they refunded the £35, as that would take you above the original amount paid. I believe only certain types of business can get hold of merchant accounts capable of this, such as betting companies.

  3. Should be interesting to see.
    I was only going by what he said in the call!