Question

I have an HTML page which has a payment form. When we type the credit card number, a JavaScript captures the credit card number and converts it to cipher text. This cipher text is posted to a web service by PHP using cURL. The web service returns a token which we can use as the credit card number. Since I don't have PCI compliance I can't store the credit card number as is, so it can be stored as a token only.

So what I am trying to do is make an Android application equivalent to this web application. But the credit card tokenization part uses JavaScript. How can I make it possible? Instead of that JavaScript (provided by the tokenizing company), what can be used? Is it possible to use JavaScript in my Android application?

Pardon me for this kind of a question.

Solution

Google for PhoneGap. You can run HTML+JS+CSS as an application.

OTHER TIPS

I have an HTML page which has a payment form. When we type the credit card number, a JavaScript captures the credit card number and converts it to cipher text.

From your question I get the strong impression that you have no idea what you're doing and shouldn't be processing credit card numbers in any way.

You can't merely use JavaScript to encrypt credit card numbers - if you could, SSL would be obsolete. If you use SSL you don't need to double-encrypt it for transmission.

Moreover, please refer to this, which says:

To be PCI compliant, merchants must install expensive end-to-end encryption systems or outsource their payment processing to a service provider who provides a "tokenization option."

and this, which says:

Do I Need To Worry About PCI Compliance?

Anyone who has a business that receives payments from customers who use their credit cards to pay needs to be PCI compliant – even if you only receive one credit card payment per year. The volume of transactions does not make a difference. Even if your website uses a 3rd party service like PayPal, Google Checkout, or Mijireh you still need to be PCI compliant because your business (not necessarily your website) receives payments via credit card.

So, you are mistaken if you think you don't need to be PCI compliant. Tokenization is a way to achieve PCI compliance more easily, not a way to avoid it entirely.
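The flow described in the question (card number encrypted on the client, cipher text relayed by the merchant's server, token returned and stored), as an added example that is not part of the original thread and is not the tokenizing company's script. It assumes RSA-OAEP under a provider public key; the key pair, the function names, the `vault` and the `tok_` token format are hypothetical, and the card number used with it should be a constructed test value.

```javascript
// Added illustration: key pair, function names and token format are hypothetical.
const crypto = require('node:crypto');

// Provider side. In a real integration only the public key is shipped to clients.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const vault = new Map(); // token -> card number, exists only at the provider
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Luhn checksum, so mistyped numbers are rejected before anything is encrypted.
function luhnValid(pan) {
  if (!/^\d{12,19}$/.test(pan)) return false;
  let sum = 0;
  for (let i = 0; i < pan.length; i++) {
    let d = Number(pan[pan.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Client (web page or mobile app): encrypt under the provider's public key.
function clientEncrypt(pan) {
  const digits = pan.replace(/[\s-]/g, '');
  if (!luhnValid(digits)) throw new Error('invalid card number');
  return crypto.publicEncrypt({ key: publicKey, ...OAEP }, Buffer.from(digits, 'utf8'))
    .toString('base64');
}

// Provider: decrypt, keep the card number in its vault, return a random token.
function providerTokenize(cipherB64) {
  const pan = crypto.privateDecrypt({ key: privateKey, ...OAEP }, Buffer.from(cipherB64, 'base64'))
    .toString('utf8');
  const token = 'tok_' + crypto.randomBytes(12).toString('hex');
  vault.set(token, pan);
  return token;
}

// Merchant server: relays cipher text it cannot read and stores only the token.
function merchantCheckout(cipherB64, db) {
  const token = providerTokenize(cipherB64); // stands in for the HTTPS POST to the provider
  db.push({ card: token });
  return token;
}
```

Because OAEP is randomized, encrypting the same card number twice gives different cipher text, so the merchant cannot use the cipher text itself as a stable card identifier; only the returned token serves that role.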

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow