Skip to content

Android Java "add payment card" form - This app demonstrates how simple it is to add payment card data to your app with VeryGoodSecurity

Notifications You must be signed in to change notification settings

gjyoung1974/vgs-cardform-demo

Repository files navigation

VGS Android "add new payment card" Demo

This is an "add payment card form" for Android

  • This demo shows a simple solution to securely add payment cards to an Android add, within your own code.
  • It is very simple to achieve PCI DSS v3.2 compliance with the VGS Secure Proxy and Vault components.
  • Code changes are minimal. Just set VGS as a "proxy" to your mobile backend.

A simple method of protecting card data

Relevant Code:

  • first marshall the payment card object into a JSON a structure :
JSONObject card = new JSONObject();
            try {
                card.put("CCN", mCardForm.getCardNumber());
                card.put("CVV", mCardForm.getCvv());
                card.put("MONTH", mCardForm.getExpirationMonth());
                card.put("YEAR", mCardForm.getExpirationYear());
                card.put("POST_CODE", mCardForm.getPostalCode());
                card.put("COUNTRYCODE", mCardForm.getCountryCode());
                card.put("MOBILE", mCardForm.getMobileNumber());

            } catch (JSONException e) {
                Log.e(this.getClass().getName(),e.getLocalizedMessage());;
            }
  • Instantiate the MobileBackEndClient(URL vgs_proxy_url, String your_mbe_api_endpoint) with the VGS Proxy URL and desired endpoint.

  • Persist the sensitive data in the VGS Vault & get a result at the UI Callback.

            // Mobile Backend Service with VGS Proxy re-write rule: MobileBackEndClient(url, mbe_endpoint)
            MobileBackEndClient api = new MobileBackEndClient(url, mbe_endpoint); //URL reflects VGS proxy
            api.persistSensitive(card.toString(), new MobileBE_UICallback() {
                @Override
                public void onSuccess(String token) {
                    Toast.makeText(mCardForm.getContext(), token, Toast.LENGTH_SHORT).show();

                }

                @Override
                public void onFailure(MobileBE_Error error) {
                    Toast.makeText(mCardForm.getContext(), error.toString(), Toast.LENGTH_LONG).show();

                }
            });
  • A secure "surrogate" or "token" value is persisted within your mobile backend service.
  • The original Card data is now protected within the VGS Vault for later use.
  • Use the secure "surrogate" or "token" to securely operate on sensistive data without handling it directly.
  • Securely authorize payments without directly handling raw/plaintext payment card data in your mobile backend.
  • Safely & securely enrich other business processes, secure data analytics, etc.

Example form:
Add Card Dialog

Example VGS Dashboard 'Route' configuration for this demo:
VGS Rules Config

Persist a new card results:
Persist a card results

How to run the demo:

Installation requirements:

  • Compile SDK Version: API 27: Android 8.1 (Oreo)
  • Min SDK Version:* API 24: Android 7.0 (Nougat)

Gradle Dependancies:

dependencies {
    implementation fileTree(include: ['*.jar'], dir: 'libs')
    testImplementation 'junit:junit:4.12'
    androidTestImplementation 'com.android.support.test.espresso:espresso-core:3.0.2'
    implementation 'com.braintreepayments:card-form:3.3.0'
    implementation 'io.card:android-sdk:5.5.1'
}

Learn more at:

https://www.verygoodsecurity.com
https://www.verygoodsecurity.com/docs/overview

2018
gjyoung1974@gmail.com

About

Android Java "add payment card" form - This app demonstrates how simple it is to add payment card data to your app with VeryGoodSecurity

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published