We use a Supercontrol booking system for processing bookings and making payment requests to card providers. Through Supercontrol we are fully compliant with the Payment Card Industry Data Security Standard (PCI DSS).
When to enter your card details onto our system all pages are 128 bit SSL encrypted. SSL creates an encrypted link between a web server and a web browser to ensure that all data transmitted remains private and secure. All sensitive data is encrypted and password-protected. The SuperControl server is scanned weekly by a PCI Approved Scanning Vendor for thousands of possible security vulnerabilities. SuperControl is fully compliant with the Payment Card Industry Data Security Standard (PCI DSS).
How we ensure your card details are safe
What happens when you or we process a payment through our system is that our Supercontrol booking system requests a payment from your card via Sagepay - see more detail on Sagepay. Your card details are not held on our system and are encrypted into a unique number. We only hold this unique number and it is not possible for us to convert this number into anything that relates back to your card. Any subsequent request for balance payments are processed using this reference number only and is decrypted by the payment provider only.
Checks to minimise the risks of stolen cards being used to book accommodation.
To ensure we minimise these risks we process payment through the Verified by Visa or Mastercard SecureCode systems. These system protects your card against unauthorised use and gives you peace of mind when shopping online.
Card Payment Policy
Every credit or debit card payment processed through our website has to pass through a security screening check. Before any payment release is actioned our system checks that the name and address given by you during the booking process matches the name and address that the card has been registered to.
When there is a mismatch our system fails the payment request and although VISA or Mastercard may authorise the release of the payment we do not take it and you will see a message of ‘Vendor based rule failure’ as we, the vendor, have set security rules to protect our customers and cottage owners and to minimise the risk of stolen cards being used or unauthorised persons using a card to make payment.
If the payment fails during the booking process, your booking will be held on your behalf until you have either contacted us via telephone (during office hours) or emailed us to resolve the issue or we will make every effort to contact you. If the payment has not been resolved within 48hrs we reserve the right to cancel the booking and re-advertise the cottage on our website.
UK Based cards
On many occasions when you see the error message ‘Vendor based rule failure’ it may have been caused by something as simple as a small difference in how the address is formatted. For example we may have Flat 1, Lake Road on the booking system and the card supplier may have registered you to 1 Lake Road. We do use the Post Office database to auto-populate addresses as part of the booking process and as long as your card supplier or bank has also used this there shouldn’t be any mismatch.
Non-UK Based cards
Many non-UK based card suppliers don’t recognise our security filters and our system automatically rejects the payment request with an error of ‘Vendor based rule failure’ as we, the vendor, have set security rules to minimise the risk of stolen cards or unauthorised persons using a card to make payment.
What happens next
You need to contact us via email or telephone durning office hours and we will arrange an alternative method of payment.
Telephone 015394 41765
VISA or my card supplier said the money has left my account
Your card supplier may tell you this but we will not have received your payment. Instead what they will have done is created a shadow payment as we did not complete the payment request due to the vendor based rule failure. What happens in most cases with shadow transactions is your card supplier deducts the funds from your available balance and holds these in a suspense account. Our system is not able to request these held accounts even if the card supplier authorises release. You will need to try to make payment again after you have been in touch with us.
Declined by bank
Usually this would be for one of two reasons.
- There aren’t enough clear funds available to cover the amount we have requested.
- The bank, or card issuer, has put a block on a payment request from us. This can be following failed attempts to process payment on one or more occasions due to the vendor based rule failure or security rules your card issuer have set.
On occasions that card payments are denied we are unable to contact your bank or card issuer to request payment directly or to ask them to remove any block on subsequent payment requests. The process our online payment system uses is to request payment with the bank either releasing funds at that time or denying the request. There are no further processes available to us to request payment.