• ℍ𝕂-𝟞𝟝
    link
    fedilink
    English
    1
    edit-2
    3 months ago

    the only thing the app does is start transactions and check with the server if they’re paid

    Yeah, but the whole PCI DSS thing means that the app must still be secured. That doesn’t necessarily mean that it has to be tied to Google Play, but explain it to them.

    • Ghoelian
      link
      fedilink
      English
      23 months ago

      Afaik that only applies if the app is processing payments, which in this case it shouldnt be.

      • ℍ𝕂-𝟞𝟝
        link
        fedilink
        English
        13 months ago

        A lesser standard still applies if it either embeds or redirects to a payment page. Again, shouldn’t mean shit, but still.