Questions

What is the process for PCI-DSS compliance for a mobile payment app?

The app facilitates mobile payments; both peer to peer like venmo and to from customers to merchants via QR codes. I'm having trouble finding precise information on this process.

2answers

there is no PCI compliance requirement for consumer devices and the mobile apps running on those devices.


Answered 9 months ago

I was general counsel to a payment technology company for 10 years. We processed mobile payments via app and card present scenarios, processing roughly $900M annually. I have gone through the PCI-DSS certification process on numerous occasions.

To answer your question, it depends on how much you are processing. The first million or so is subject only to a self-certification process. After that, you will be required to have third-parties do the appropriate testing and issue the certification. Generally speaking, your merchant bank will give you the requirements.

Happy to have a call and answer any questions.


Answered a month ago

Unlock Startups Unlimited

Access 20,000+ Startup Experts, 650+ masterclass videos, 1,000+ in-depth guides, and all the software tools you need to launch and grow quickly.

Already a member? Sign in

Copyright © 2020 Startups.com LLC. All rights reserved.