How to safely save bank card details in an Android application?

M

mitaichik2015-11-15 14:01:33

Android

mitaichik, 2015-11-15 14:01:33

Good afternoon. My app accepts credit card payments. It works by displaying the html page of the acquiring bank.
Unfortunately, this page is buggy on some devices + there is no way to save map data (many users ask for this). And in general, I would like the data entry to go through the native elements of the application, and not from someone else's html page.
Competitors simply made a card data entry form in the application, and they themselves send the data to the acquiring bank. I'm thinking of doing the same, but as far as I know, for the legal implementation of this, the application must have a PCI DSS certificate - I have no way to do it (expensive). But maybe I'm wrong.
Has anyone done something similar and knows how to do it right?
Maybe what libraries / services already exist that allow you to do what you have planned, and already have certification?
Thanks in advance.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

A

Alexander, 2015-11-19
@mitaichik

You can go through PCI DSS on your own and write that you comply but are not certified.
It also describes how to properly store cards.
https://en.pcisecuritystandards.org/minisite/en/

B

belozerow, 2015-11-15
@belozerow

stripe
But it is not available for Russian companies

I

Ivan, 2015-11-16
@LenLord

If you are concerned about the formal side of the issue, then you will probably find it.
But if it’s real, then nothing on android can be hidden safely, it’s such a system)