Answer the question
In order to leave comments, you need to log in
V
V
Vasyl Fomin2019-10-15 15:18:49
Vasyl Fomin, 2019-10-15 15:18:49
Acceptance of payments on the site from the card (Tinkoff Bank). How to implement?
Hello! In the PHP API (for Android & iOS applications), you need to implement the ability to accept payments from a client's card (through Tinkoff Bank). 
The application must have its own form, without redirects to the bank form, for entering card details: number, color , date a payment form with a redirect, but how to do it through your form + api is not clear ?!
Maybe someone has experience with this problem? Please tell me the best way to implement this
6 answer(s)
@alex1478
@goodmy
@skrimafonolog
For security reasons, it is not possible for you to know the details of the cards.
That is why the bank sends to itself.
Direct is also possible, but this requires PCI DSS certification.
Something from 10,000 dollars and a year of time for all procedures.
If you do not want PCI DSS, but somehow implement it technically, bypassing the option offered by the bank, you will also be banned (and in all banks at once) and a criminal case for fraud with bank cards.
However, you may be lucky and not notice. ;)
Or create your own payment system and conclude an agreement with Visa / MasterCard (something from a million dollars).
Or get PCI DSS certified. This certification implies certain requirements for your servers, in particular, the prohibition of storing card numbers (and this will be checked), a lot of logging of what happens on the server, etc.
@boss_lexa
@dimonchik2013
if you are not familiar with the customer, be more careful with publishing such an attachment from your data
A
alex1478, 2019-10-15 @alex1478
You can’t do this, you will quickly get a ban card in Tinkoff. And if the stars converge, you will also have to prove to the police that the people entered your cards themselves, and not you used your account for dark deeds.
As I understand it, you want to accept payments from physicists' cards to a physicist's card to bypass the tax, this is not legal, I think you yourself understand this.
Correctly do this: Open an IP, conclude an agreement with a payment gateway, in the application show the form of payment from the gateway through webview,
Z
zcoder, 2019-10-15 @goodmy
I would think a hundred times when entering card details in someone else's form) Nobody bothers you to save them) It's
better to use a gateway like Yandex.Money and others
S
skrimafonolog, 2019-10-16 @skrimafonolog
The application must have its own form, without redirects to the bank form, for entering card details: number, color, date
For security reasons, it is not possible for you to know the details of the cards.
That is why the bank sends to itself.
Direct is also possible, but this requires PCI DSS certification.
Something from 10,000 dollars and a year of time for all procedures.
If you do not want PCI DSS, but somehow implement it technically, bypassing the option offered by the bank, you will also be banned (and in all banks at once) and a criminal case for fraud with bank cards.
However, you may be lucky and not notice. ;)
Or create your own payment system and conclude an agreement with Visa / MasterCard (something from a million dollars).
Or get PCI DSS certified. This certification implies certain requirements for your servers, in particular, the prohibition of storing card numbers (and this will be checked), a lot of logging of what happens on the server, etc.
B
boss_lexa, 2019-10-15 @boss_lexa
Have you looked at the mobile SDK?
https://oplata.tinkoff.ru/landing/develop/mobile/a...
D
Dimonchik, 2019-10-15 @dimonchik2013
The application must have its own form, without redirects to the bank form
if you are not familiar with the customer, be more careful with publishing such an attachment from your data
Similar questions
S
C
P
E
P
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question