Add CVV field.

[vijayrawatsan]

It would be nice to have a cvv field in the card. I was thinking of sending a pr, but I need your opinion about the placement.

• It should be at rightOf the expiryDate
• It should be at rightOf the expiryDate. But validTill & expiryDate are leftAligned as well.
• It should be at rightOf the cardName

[vinaygaba]

Hi Vijay! I intentionally left this out for this release. I was contemplating adding a back view to the card where this CVV information would go. Just like in a real card. At the same time, I want to discourage developers from asking users to enter all the fields necessary to make a payment as that raises security concerns. So I opted to include only card number and expiry date. Again I am open to change this based on the feedback I get from more people. Let me know what you think about this :)

[vijayrawatsan]

Hi Vinay, I have worked on some payment apps. And each one of them required cvv to be enetered at the time of payment. Now having a back view would not be good UX (in my opinion) because it will add another step for the user. CVV edittext should be there at the front side.

[vinaygaba]

Hi Vijay, I do agree to your point about adding that extra step would be bad UX. About adding the CVV, I was under the impression that it would raise a security concern. But since you have worked on similar apps before, I trust your judgement and personally think that the second option would be a good placement option. It would be really help if u could show screenshots as you are iterating(only if its not a lot of work) to give a better idea as sometimes things look better in a picture than based on a description :) Thanks again for contributing! Really appreciate it!

On Sun, Jun 21, 2015, 1:11 PM Vijay Rawat notifications@github.com wrote:

Hi Vinay, I have worked on some payment apps. And each one of them required cvv to be enetered at the time of payment. Now having a back view would not be good UX (in my opinion) because it will add another step for the user. CVV edittext should be there at the front side.

— Reply to this email directly or view it on GitHub https://github.com/vinaygaba/CreditCardView/issues/3#issuecomment-113871254 .

[vijayrawatsan]

Its a security concern only if you save any of the data related to credit card in your app. I will try to give you some screen shots later in the evening if possible. Right now contributing to https://github.com/javiersantos/MLManager Can only contribute on weekends for few hours.

Thanks

[vijayrawatsan]

Something like this.

[vinaygaba]

Alright Vijay! Looks good! I can take this up if you haven't started working on this and are busy :)

[vijayrawatsan]

You can take it up if you are gonna work on this winthin few days. I might not have enough time during weekdays. I actually started working on this today(screenshot is from emulator itself), but can't complete as I had to consult regarding the UI with you. I have a few more suggestions will put them up here soon.

[vinaygaba]

Sure Vijay that sounds good. I will try to close this by today and add it in the next minor release along with package change.

[vinaygaba]

Hi Vijay, So I had posted the link to this library on this reddit thread and I got some really valuable suggestions and feedback. One of them said that:

"PCI compliance dictates that you shouldn't store a combination of three items in any database anywhere (unless you work for the credit card companies themshelves) when it comes to credit cards. It's been a while since I've done this but from what I remember, that combination is the credit card number, expiration date, and cvv number. The reason for this is a guess but it seems obvious to me. If you have the combination, you can make transactions on the user's behalf. With this in mind, you might want to consider throwing some type of exception to discourage developers from storing the combination. If you are displaying the combination on the card without any interaction from the user prior, it means you are storing the data somewhere."

Wanted to know what you think about this.

[vijayrawatsan]

Its right that you should never store credit card data (unless you are a PCI compliance company). Now coming to your library. Your library will be just UI/UX for an app. It does not store any info. It just allows user to enter info or show info. You can always get saved cards information from a PCI compliant server. There is no need for you to throw any info. And as far as I know you dont store any information in your library.

Store : Persisting data on disk. Either on DIskBasedCache or SQLLiteDB or any other DB

[vinaygaba]

Thanks for clarifying. Yes makes sense. Will be pushing it to github soon :)

[biddster]

Any ETA on this? I'd love to use this feature.

[vinaygaba]

Hi @biddster, This is already in the works. You can chime in your opinion on the discussion here - #11

[vinaygaba]

@vijayrawatsan @biddster This feature has now been implemented. Will be working on the new screenshots and once those are done, will be releasing this functionality in the next release of the library. Based on the feedback I ended up getting, it has been done on the back itself. @vijayrawatsan you made a valid point about UX, but I went ahead with general consensus :)