Add CVV field. about creditcardview HOT 14 CLOSED

Hi Vijay! I intentionally left this out for this release. I was contemplating adding a back view to the card where this CVV information would go. Just like in a real card. At the same time, I want to discourage developers from asking users to enter all the fields necessary to make a payment as that raises security concerns. So I opted to include only card number and expiry date. Again I am open to change this based on the feedback I get from more people. Let me know what you think about this :)

from creditcardview.

Hi Vinay,
I have worked on some payment apps. And each one of them required cvv to be enetered at the time of payment. Now having a back view would not be good UX (in my opinion) because it will add another step for the user. CVV edittext should be there at the front side.

from creditcardview.

Hi Vijay,
I do agree to your point about adding that extra step would be bad UX.
About adding the CVV, I was under the impression that it would raise a
security concern. But since you have worked on similar apps before, I trust
your judgement and personally think that the second option would be a good
placement option. It would be really help if u could show screenshots as
you are iterating(only if its not a lot of work) to give a better idea as
sometimes things look better in a picture than based on a description :)
Thanks again for contributing! Really appreciate it!

On Sun, Jun 21, 2015, 1:11 PM Vijay Rawat [email protected] wrote:

Hi Vinay,
I have worked on some payment apps. And each one of them required cvv to
be enetered at the time of payment. Now having a back view would not be
good UX (in my opinion) because it will add another step for the user. CVV
edittext should be there at the front side.

—
Reply to this email directly or view it on GitHub
#3 (comment)
.

from creditcardview.

Its a security concern only if you save any of the data related to credit card in your app. I will try to give you some screen shots later in the evening if possible. Right now contributing to https://github.com/javiersantos/MLManager Can only contribute on weekends for few hours.

Thanks

from creditcardview.

Something like this.

from creditcardview.

Alright Vijay! Looks good! I can take this up if you haven't started working on this and are busy :)

from creditcardview.

You can take it up if you are gonna work on this winthin few days. I might not have enough time during weekdays. I actually started working on this today(screenshot is from emulator itself), but can't complete as I had to consult regarding the UI with you.
I have a few more suggestions will put them up here soon.

from creditcardview.

Sure Vijay that sounds good. I will try to close this by today and add it in the next minor release along with package change.

from creditcardview.

Hi Vijay,
So I had posted the link to this library on this reddit thread and I got some really valuable suggestions and feedback. One of them said that:

"PCI compliance dictates that you shouldn't store a combination of three items in any database anywhere (unless you work for the credit card companies themshelves) when it comes to credit cards. It's been a while since I've done this but from what I remember, that combination is the credit card number, expiration date, and cvv number. The reason for this is a guess but it seems obvious to me. If you have the combination, you can make transactions on the user's behalf. With this in mind, you might want to consider throwing some type of exception to discourage developers from storing the combination. If you are displaying the combination on the card without any interaction from the user prior, it means you are storing the data somewhere."

Wanted to know what you think about this.

from creditcardview.

Its right that you should never store credit card data (unless you are a PCI compliance company).
Now coming to your library. Your library will be just UI/UX for an app. It does not store any info. It just allows user to enter info or show info. You can always get saved cards information from a PCI compliant server. There is no need for you to throw any info. And as far as I know you dont store any information in your library.

Store : Persisting data on disk. Either on DIskBasedCache or SQLLiteDB or any other DB

from creditcardview.

Thanks for clarifying. Yes makes sense. Will be pushing it to github soon :)

from creditcardview.

Any ETA on this? I'd love to use this feature.

from creditcardview.

Hi @biddster,
This is already in the works. You can chime in your opinion on the discussion here - #11

from creditcardview.

@vijayrawatsan @biddster This feature has now been implemented. Will be working on the new screenshots and once those are done, will be releasing this functionality in the next release of the library. Based on the feedback I ended up getting, it has been done on the back itself. @vijayrawatsan you made a valid point about UX, but I went ahead with general consensus :)

from creditcardview.