2

What is the best way to store credit cards in an app? I will be processing payment using Stripe API.

Reasons:

1. Eliminate customer having to type in number every time
2. Easy one click payment

jacobronniegeorge

2 Answers

4

I don't think you are allowed to store that information without PCI/DSS compliance: Storing Credit Card details in the iPhone App

Jai Govindani
  • 1
    The interesting thing is that nobody can stop you from storing such data if you have no such agreement with the payment processors. It is not illegal per se. – Emil Vikström Mar 26 '13 at 16:50
  • 1
    You have to have an agreement with SOMEBODY to be able to process credit card payments. While PCI-DSS isn't a law, failure to comply will usually cause you to breach whatever contract you have and open you up to a civil suit: http://security.stackexchange.com/questions/20036/if-pci-dss-isnt-a-law-how-can-i-be-prosecuted-for-not-being-compliant – Jai Govindani Mar 26 '13 at 16:56
  • I appreciate both comments you all have provided; this certainly opened my eyes to some legal issues I may face in my design. Thank you! – jacobronniegeorge Mar 29 '13 at 16:35
3

As noted, you can't legally store that data in your app without major effort and expense to comply with PCI requirements.

That's one of the main selling points of services such as Stripe: they store all that data for you, and thereby remove that legal burden from you.

You can do all the things you're wanting to do by creating a customer and storing their card data in Stripe. See: https://stripe.com/docs/tutorials/charges#saving-credit-card-details-for-later

Codasaurus
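The flow this answer describes, as an added example (not code from the answer or from Stripe): the server receives a single-use card token, builds the Stripe requests that create a customer and later charge it, and keeps only the customer ID, with a Luhn-based guard that rejects anything resembling a card number. The key, token and ID values are constructed placeholders, the function names are hypothetical, and the requests are built but not sent.

```python
import re
import urllib.parse
import urllib.request

STRIPE_API = "https://api.stripe.com/v1"

def luhn_ok(digits):
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def looks_like_pan(value):
    """True if value holds a 13-19 digit run (spaces/dashes allowed) that passes Luhn."""
    runs = re.finditer(r"\d(?:[ -]?\d){12,18}", value)
    return any(luhn_ok(re.sub(r"[ -]", "", m.group())) for m in runs)

def stripe_post(secret_key, path, params):
    """Build, but do not send, a form-encoded POST to the Stripe API."""
    body = urllib.parse.urlencode(params).encode()
    req = urllib.request.Request(STRIPE_API + path, data=body, method="POST")
    req.add_header("Authorization", "Bearer " + secret_key)
    return req

def save_card_request(secret_key, card_token, email):
    """Create a Stripe customer from the single-use token produced client-side."""
    if not card_token.startswith("tok_") or looks_like_pan(card_token):
        raise ValueError("expected a Stripe token, not raw card data")
    return stripe_post(secret_key, "/customers", {"source": card_token, "email": email})

def charge_request(secret_key, customer_id, amount_cents, currency="usd"):
    """One-click payment: charge the card Stripe holds for this customer."""
    return stripe_post(secret_key, "/charges",
                       {"customer": customer_id, "amount": amount_cents, "currency": currency})

def user_record(user_id, customer_id):
    """The only payment-related value the app's own database keeps."""
    if not customer_id.startswith("cus_") or looks_like_pan(customer_id):
        raise ValueError("store the Stripe customer ID only")
    return {"user_id": user_id, "stripe_customer_id": customer_id}

if __name__ == "__main__":
    # Constructed placeholder values, not real credentials or IDs.
    req = save_card_request("sk_test_PLACEHOLDER", "tok_PLACEHOLDER", "user@example.com")
    print(req.full_url, req.data.decode())
    print(user_record(42, "cus_PLACEHOLDER"))
```

The card number itself reaches Stripe directly from the client, which exchanges it for the `tok_` value; the server in this sketch never handles it.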