PCI DSS

What is the process for PCI-DSS compliance for a mobile payment app?

The app facilitates mobile payments, both peer-to-peer like Venmo and from customers to merchants via QR codes. I'm having trouble finding precise information on this process.

3 Answers

André Soares

Serial Entrepreneur

There is no PCI compliance requirement for consumer devices and the mobile apps running on those devices.

Answered almost 5 years ago

Jeffrey Wilson

Business & Strategic Advice with Legal Background

I was general counsel to a payment technology company for 10 years. We processed mobile payments via app and card present scenarios, processing roughly $900M annually. I have gone through the PCI-DSS certification process on numerous occasions.

To answer your question, it depends on how much you are processing. The first million or so is subject only to a self-certification process. After that, you will be required to have third parties do the appropriate testing and issue the certification. Generally speaking, your merchant bank will give you the requirements.

Happy to have a call and answer any questions.

Answered about 4 years ago