Compliance Overview
About 459 wordsAbout 2 min
2026-04-15
Integrating PPCashDeskSDK affects your App's privacy declarations and review configurations on the App Store and Google Play. The SDK has fulfilled its own compliance requirements (Privacy Manifest, data encryption, etc.). The following describes what merchants need to know and do.
SDK Data Collection
Data Collected Directly by the SDK
| Data Type | Details | Purpose | Storage |
|---|---|---|---|
| Payment Information | Card number, CVV, expiry date | Complete payment authorization | Encrypted via RSA-OAEP for transmission; no plaintext stored |
| Billing Address | Name, street, city, state/province, postal code, country, email, phone | Payment verification and risk control | Not persisted locally |
| Device Identifier | IDFV (iOS only) | Unique device identification; not an advertising identifier | Not persisted locally |
| Usage Data | App version, device type (iOS/Android) | Compatibility and feature support | Not persisted locally |
| Diagnostics | Request ID (random UUID), error logs | Request tracing and troubleshooting | Not persisted locally |
| Language Preference | Current language setting | SDK UI localization | Not persisted locally |
Data Collected Indirectly via the Risk Device Fingerprint Module
| Data Type | Default State | Purpose | Configurable |
|---|---|---|---|
| Sensor Data (accelerometer, gyroscope) | Enabled | Device environment profiling | Can be disabled via configuration |
| Behavioral Biometrics (touch patterns, interaction behavior) | Enabled | Fraud behavior detection | Can be disabled via configuration |
| System Boot Time | Enabled | Anti-tampering / timestamp verification | Not configurable |
| File Timestamps | Enabled | File integrity check | Not configurable |
| Disk Space | Enabled | Device environment profiling | Not configurable |
| Precise Location | Disabled | High-precision geolocation risk control | Can be enabled via configuration |
| Coarse Location | Disabled | Region-level geolocation risk control | Can be enabled via configuration |
Configuration
For items marked "Can be disabled/enabled via configuration", refer to the iOS Integration Guide or Android Integration Guide for details.
Impact on Store Review
The data collection described above requires merchants to complete platform-specific privacy declaration configurations before submission:
iOS App Store — Verify Privacy Manifest integration, complete App Privacy Labels, and disclose SDK information in Review Notes. See iOS App Store Compliance.
Android Google Play — Complete Data Safety declaration and verify permission declarations. See Android Google Play Compliance.
Privacy Policy (both platforms) — Disclose the use of PPCashDeskSDK for payment processing in your App's privacy policy, including the Risk Device Fingerprint Module's data collection behavior.
Compliance Inquiries
For further questions about data collection and privacy compliance, please contact your PingPong account manager or legal team.