Expose CVC number in CardField when dangerouslyGetFullCardDetails=true

[mashaalmemon]

Is your feature request related to a problem? Please describe.

We use Stripe to take card payments, and a 2nd payment provider to handle Visa Debit payments. We want to use the Stripe CardField component to collect card details & submit them to both Stripe and the Visa Debit payment provider at the same time. In our use case our Visa Debit payment provider provides a client side library which we use to tokenize the payment method before adding it to their system.

We currently are using dangerouslyGetFullCardDetails on the CardField component to get number, expiryYear expiryMonth from the control but note that cvc is not provided. We need cvc to tokenize the information.

Describe the solution you'd like

We would appreciate it if cvc could be exposed as well when dangerouslyGetFullCardDetails=true on the CardField component.

Describe alternatives you've considered

Any alternative would involve using a different component or building our own component for Visa Debit information. This would not be ideal.

Additional context

In #280 access to the full card number was granted. In that ticket, providing cvc was considered by @thorsten-stripe but the original requestor there did not require it. This has been requested in and #425, but the use case was not appropriate. I believe @thorsten-stripe was looking for more information on a usecase but one wasn't identified. I hope our use-case justifies the need for this feature.

[mashaalmemon]

Hi @charliecruzan-stripe, any change this type of enhancement can be made. This seems to be the only piece of information that doesn't make it though when using dangerouslyGetFullCardDetails=true. Would be great if this could get in.

If we could get an idea if our request would be possible sooner-than-later we can make a decision what we should do on this end; We're currently marching towards a deadline on this end and this issue would need to be solved for our release to be feature complete.

Essentially, on our end if we can't get at the cvc value from the CardField component, we'll need to create or own component to collect visa debit information.

Let us know either way. Thanks in advance.

[mashaalmemon]

@charliecruzan-stripe please advise is this request might make it into the subsequent release. If not we'll need to find another solution.

[charliecruzan-stripe]

hi @mashaalmemon , I'm checking in on this now. It's a fairly specific use case so I can't make any definitive promises right now unfortunately

[charliecruzan-stripe]

@mashaalmemon we will implement this, it will likely be ready for our next release. Please remember that enabling dangerouslyGetFullCardDetails means you are no longer eligible for an SAQ A. See more info here- https://stripe.com/docs/security/guide

[mashaalmemon]

@charliecruzan-stripe, I appreciate the super quick turn around time. Regarding the SAQ A understood. For planning purposes, when do you expect the next release to be out/available?