I want to ask that what system is being used in mpos systems internationally: Single message system or dual message system ? if dual message systems are implemented World-wide, than we have to store card information in android application for settlement. Is it legal to store card information in an android application ? If not, than how we can implement dual message system in mpos ?
You can store some information related to transaction data, which includes a masked or encrypted PAN and no sensitive data is in any of your devices. You do not need a lawyer but PCI PA-DSS guide lines, as it would be a foolish approach get a a lawyer for this reason because PCI PA-DSS certification do not validate m-POS application at all.
You can implement both single or dual message system as it depends according to the processor or switch.