I'm thinking of building a payment application that will capture the credit card information from the application and use HTTPS POST (3rd party payment gateway) to perform the credit card transaction.
Since this application is capturing the credit card information, do I need to make the application PCI compliant? If yes, how do I do it?
Thanks.
The answer is YES.
Please refer to this link http://www.pcicomplianceguide.org/pcifaqs.php for clarification.
As per the site:
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially any merchant that has a Merchant ID (MID). The Payment Card Industry Security Standards Council (PCI SSC) was launched on September 7, 2006 to manage the ongoing evolution of the Payment Card Industry (PCI) security standards with focus on improving payment account security throughout the transaction process. The PCI DSS is administered and managed by the PCI SSC (www.pcisecuritystandards.org), an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB.). It is important to note, the payment brands and acquirers are responsible for enforcing compliance, not the PCI council.