Never been particularly secure

This site has never been much good. I have complained to Busy Bees on numerous occaisions. Before the recent introduction of PINS, it was possible to access anyones account if you could guess their login name (not difficult) and DOB.

Really a shocking application in terms of usabililty, the service it offers, and security. They have been on about upgrading / replacing it for years.

Not remotely surprised

I started using Busy Bees three and a half years ago, and this grotesque abomination of a "website" was in place at that time. It was virtually impossible to use, the delays were such that sessions timed out before you could actually complete a transaction, and the functionality was virtually useless - to make a standing order, for example, one had to give up on the website and phone one of their customer service operators.

As far as I could see, they were a bunch of chavtastic cowboys who'd suddenly spotted an opportunity to make loads of cash by creaming off a percentage of the money passing through thanks to some spectacularly badly thought-out government legislation.

(If I'm not careful, this'll turn into FoTW).

If the government wants to provide tax relief on childcare, then surely even someone as fundamentally divorced from the real world as a civil servant could see that at least one of the ways to administer it is to let me pay the childcare, and to let me claim the tax back at the end of the year in my return. But no, let's invent a whole system of NI reductions and vouchers and middlemen taking a percentage, and while we're at it let's make life harder for the childcare providers by making them have to redeem the bloody vouchers again. Oh, and also while we're at it, let's make the whole system so cumbersome that you have to make long-term contractual commitments to employer, voucher provider and to nursery in order to use these bloody vouchers, thus rendering them utterly useless for ad-hoc childcare.

And Busy Bees make a profit from this disaster while not even bothering to provide a decent interface for me to to manage what is, actually, *my* money.

This is what happens when this nanny-state safety-nazi control-freak government oversteps the mark yet again away from deciding what should happen towards telling us how it should happen...

"We've never had problems before"

Oh yes you have. The Citrix plugin doesn't work at all under Ubuntu, for example. Since I changed my OS at home, I now have to email them with any payment requests, since there's no web based interface available for me. There's nothing technically challenging about the Windows 2000 application that couldn't be translated into a straightforward (but secure) standard web form.

Unbelievable.

They gave all their members remote desktop access to the server? Whoever thought that would be OK should be dragged outside and have their knuckles broken. The bug was not "the result of an update", even if the particular means of getting an open explorer window might have been, it was inherent in the design from day one.

Which Nick was that?

"according to email seen by Griffin"

Oh dear Reg, not every data security hole with someone called "Nick" is about Nasty Nick

I've just grepped the BNP address list and there's no Gibbins in there (couple of gibbons and a few apes maybe)

A really insecure mickey mouse payment system

I agree completely with Nick; the Busy Bees voucher system is a complete mess. It feels like it was put together by some 6th form wannabee systems programmer, when using it. It wasn't very long ago that they introduced a PIN in addition to the convoluted username/password multiple logons, so I suspect it wasn't very secure in the first instance... and currently either!

A while ago, I had trouble paying my childminder using their system, and called up support. After explaining my problem, the support person asked me for my password so she could log on and check if the problem was real! They certainly have procedural security issues there, nevermind about their mickey mouse payment system!

Convoluted doesn't even cover it

We used Busy Bees for a while, I can't believe how anyone was sold the idea that an essentially simple site required some sort of Citrix Metaframe implementation. It's the shoddiest site I've ever had the misfortune of using and presumably someone got paid handsomely to write it.

Eventually had enough of the system, the shoddy support and high management charge (8%+) and moved to Fideliti who offer a better service for a 2.5% management fee and they have a lovely simple PHP app for managing your payments. It's how the world should be. You even get an email confirming your payment was made to the childcare provider. Presumably the Bees system was too complicated to allow this to happen.

So badger your HR departments to switch to Fideliti, you'll pull less hair and and the company will save money.

And if you cynically think I work for Fideliti, think again - I just like to trumpet good service when I get it.

They promised that the website would be usable

I couldn't believe my eyes at the state of what they had implemented when I first logged on to use my vouchers. After much messing about using Opera and then IE it still didnt work. They suggested I called them so they could process the vouchers manually.

Err my coats got something in the pocket.....

AC so you dont guess my account details!!

new website??????

The new Busy Bees website is now live

http://www.busybeesvouchers.com/new_login.php

Relaunched crapness

The 'new' site, says:

Welcome to the Employee

Secure Access SSL VPN

Alert: The number of concurrent users signed in to the system has exceeded the system limit. Please inform your system administrator. You can try again in a few minutes.

This site has now been upgraded to work with Microsoft Internet Explorer 7. Please remember to insert an underscore character between your forename and surname in the username field on this screen and to type them in separately on the System Login screen. If prompted to change your password please note that the length should be six characters or more. Please sign in to begin your secure session. Once you have signed in: Parents Can * Review your account * Pay carer * Contact Busy Bees Carers Can * View remittance advice details * Redeem paper vouchers

--

It looks like the same old convoluted login crap :( (but can't login to comment on the other same crap system :( :( )

Infuriating now!

Parent Login Area

Authentication failed.

Please re-enter your User ID and Password/PIN.

User ID:

Password/PIN:

--

The site is up and gives you a login screen now, but they've changed the login method, with no instruction on how to do so! Arrrrgghhhh!

I need to pay my childminder, and they've taken away all the telephone contact numbers if you want to call them to do so instead! Amateurs!