VGS Engineering Blog

The latest updates from our developer community

How to save time on building a PCI compliant solution on Android

Whether you run a payment channel, retail, or e-commerce platform, you are required to comply with the Payment Card Industry Data Security Standard (PCI DSS) in order to offer your customers a safe, quick, and easy-to-use system. To learn everything you need to know about PCI DSS generally, read our comprehensive blog post on the topic.

In the following blog post, we will be explaining how businesses like yours can develop a PCI compliant Android application using our Very Good Security (VGS) Collect SDK – while securely fast-tracking the entire process.

VGS is an international PCI Level 1 certified service provider whose mission is to make it as easy as possible for you to achieve and maintain PCI DSS compliance, so that you can protect your business and customers from the damaging effects of a data breach.

VGS Collect SDK is a library that allows you to securely collect data from your users without having to pass that data through your systems. It provides customizable UI elements for collecting users' sensitive data safely on mobile devices with Android OS.

Save time and money#

On average, checkout APIs can take anywhere from three and nine months to develop. VGS Collect SDK gives you the ability to release a new checkout feature within just one week while staying PCI compliant.

The best and the quickest way to compare your native and our VGS-Based solutions is to install our demo app. And guess what? To build a secure checkout form with VGS Collect, you don’t even need more than 10 lines of code.

VGS Collect SDK gives out-of-the-box features that are designed to make developers’ lives easy.

Input validation: Performing correct validation on user input is not a trivial task, even more so if an application requires validations for multiple fields. While working in Android, it becomes quite complex. VGS Collect SDK provides different ready-to-use validations according to the data type. Also, a developer is able to override or add additional validation. Our SDK supports specified validation rules for payment card numbers and their relations with CVC fields, Social Security Number (SSN), expiration dates, names, etc. Check out documentation on all of the features here.

Flexible data structure: VGS Collect SDK allows us to support different data structures according to your API specification as well as simple interfaces that give developers a chance to easily manage everything before submitting.

Native experience#

VGS Collect SDK inherits the Android native experience without any restrictions. A native Android developer who is already competent with Android SDK doesn’t need to spend any time on investigation. For non-Android developers, we have great materials and helpful tips that make the transition a breeze (which can be found here).

Fully customizable styles: VGS Collect SDK supports all default Android attributes that specify the appearance for input fields (including material components). In addition, we provide newer, better visual and programmatic validation and formatting of user input.

Card Brand Identification: The SDK supports smart payment card brand detection. Here you can find a whole list of supported card issuers. Furthermore, developers may add a new brand if it is not yet supported.

RTL supports: Some users may choose a language that uses right-to-left (RTL) format, such as Arabic or Hebrew. VGS Collect SDK supports both RTL and LTR in accordance with Android standards.

VGS Collect native experience

Comparison user experience on Native Android SDK with VGS Collect SDK

White label processing#

VGS Collect SDK is the easiest way to white label security and compliance monitoring that focuses on maintaining PCI compliance. Also, VGS Collect SDK is a building tool that allows you to rebrand to any use case, so developers can easily create a user interface to look and feel aligned with their company’s brand. This provides a good opportunity to give your clients a reliable product without additional overhead costs or development complexities.

Client support on their preferred platform#

VGS Collect SDK can be easily integrated into your application even if it is cross platform. It is really simple to secure sensitive data on multiple of the most popular cross-platform frameworks, such as Flutter, React Native, and Xamarin.

Conclusion#

The main root of any issues in developing Android apps for many organizations is integration. Integration with VGS is quite simple and does not require any special effort from a developer. VGS Collect allows you to build a better product faster, while keeping everything at a lower cost. Furthermore, the solution solves two problems simultaneously: it gives the vendor a secure checkout experience and saves them from having to obtain security certification.

If you’d like to chat with a VGS team member about PCI compliance for your business or mobile application, or if you simply have any additional questions, feel free to contact us.

author profile
Dmytro Kosolapenko
In fall 2019 Dmytro joined the great team at VGS as a mobile software engineer to improve, grow and achieve not only on a professional level but on a personal level as well.