1

We are going to develop an application for a payment gateway which is already PCI DSS compliant.

This application will be handling the payment through the API.

My question is: does the application need to be PA-DSS, P2PE, or PCI-DSS?

Petr

1 Answer

2

If you handle credit cards, you definitely need to comply with PCI DSS. If you are a kind of vendor that will make and sell payment applications, you need to meet PA DSS.

According to this link:

The PCI DSS is a standard that ALL organizations that store, process and/or transmit credit card data must be compliant with.

You will find almost all you need to know about payment gateway integration in mobile apps in the following links:

Hope it helped!

Soufiane Tahiri
  • We will not sell the application, but the customers will use the application to make the payment through their mobile, like PayPal as an example. As I have mentioned already, it's already PCI-DSS compliant, but just wondering about the mobile application. – Petr May 17 '17 at 14:00
  • PayPal is PCI-DSS compliant. (https://www.paypal.com/c2/webapps/mpp/pci-compliance?locale.x=en_C2) – Soufiane Tahiri May 17 '17 at 14:03
  • @Petr - Does your app let people enter card data? Or does it just direct the existing API to make a payment using already-entered data? – Bobson May 17 '17 at 18:06
  • @Bobson, yes, my app will allow customers to enter the data. Will plan to add a wallet as well. Please let me know if you have some thoughts. – Petr May 18 '17 at 05:21