#Gary4091-elements

Yes, you can use elements to collect on the credit card and CVV but it won't be on a single line anymore

Instead of using the card element, we also provide a multi-line split version with cardNumber, cardExpiry, and cardCvc elements

What we need is to collect Card Number and CVV only via Element

The other data we need to submit from simple text boxes on our checkout form. Can we do that and still be in PCI compliance?

Let me try this out on my end really quick and confirm that this works

Thank YOU so much!

Ah, I thought only providing the two would be a nice workaround but it looks like you need all three elements for it to work

So we need to supply Expiration Date on the Element also?

Yes - you need all three for it to work

One more question. Can we get an Expiration Date value from STRIPE after we supplied it?

so we can record it to our database?

For PCI reasons you have to let Stripe collectr card number, expiration date and CVC with Elements. You can not collect expiration date yourself

I was reading that Expiration Date without Card Number is considered a non-sensitive information

It is just a date

Sure but we don't support providing just the expiration date so it's really not something you can do or should try. You need to use Elements and let us do this entirely

Understood

May I ask one more question?

of course as many as you need

Our current checkout process has 2 pages that contains credit card info:

First Page - contains everything but CVV

A second page create CVV

Can Setup Intent first create CC Payment Method for a customer without CVV (via ELEMENTS on first checkout page) and then APPEND this payment method with CVV (on our second checkout page)?

honestly you need to change your entire integration path it really shouldn't split the two like that it'll never work with Elements

I know it always seems easier to keep the UI you already have, but I would strongly discourage that approach

Hmm

But CVV value that can't be stored for more than N days per PCI Requirement

I was reading in Stripe docs that we can update CVV using tokenization, just wanted the confirmation

I know the ideal way would be to start from scratch and do it right

you really need to, you shouldn't try the approach you are taking honestly

I worry you're mixing many things up together

what does the "stored CVC delay" have to do with anything when you ask all at once?

But the whole things about Elements vs Pre-built Stripe checkout

Ok, let me answer your question:

Let's say we created a Payment Method for credit card future use

Customer came in 30 days and want to use the credit card on-file

We allow him to use the credit card on-file but to increase security we ask him to enter CVC because:

Okay so those are two completely separate flows

you need to build them completely separately

1. CVC would not be availble at STRIPE for this payment method after 30 days

In one case, you collect card details upfront with Elements. You get number, expiration date and CVC with Elements (And pass the rest if you want such as name, address, email from your own form)

Separately, when someone comes 30 days later to pay again with the saved card, you ask for their CVC with a CVC element only to pass this as part of the payment confirmation and have the bank check this

it's different UIs, different flows, different code overall. Don't try and split the CVC step off of the "payment details collection" to make the code "unified" it will just cause issues

I understand now

Thank you

Another question

Can we use Element that contain the following 3 datasets:

1. Card Number

2. Expiration Date

3. CVV

This is a minimal dataset to charge the card as I understand

BUT, if we want to supply ZIP Code and Name from our Database to have more secure transaction?

Can we do that?

Hello! Taking over for @pallid wedge. Yep, you can do that! You can specify additional billing details to use in your code. Are you using stripe.confirmCardPayment?

We saving card for later use

Setup Intenet

Creating Customer, adding Payment Method

We have some non-sensitive data in our database that we want to use

So you're using stripe.confirmCardSetup then, right?

Yes

Have a look at the code snippet here, which shows you how to include the name: https://stripe.com/docs/js/setup_intents/confirm_card_setup

You can include other billing details as well, anything you see here: https://stripe.com/docs/api/payment_methods/create#create_payment_method-billing_details

WOW. Great to know

We are working on the concept for now to better understand possible integration options. What information we can get back from stripe that was supplied via elements? It is my understanding we can get last 4 of credit card

Any other non-sensitive data supplied via ELEMENTS we can get to store in our database?

https://stripe.com/docs/security/guide#out-of-scope-card-data

(everything we return you can save)