CardKYCFields
in package
KYC fields for payment cards (credit/debit card information).
This class provides standardized fields for collecting payment card information required for KYC and payment processing according to SEP-09 specification. It includes card details, billing address, and tokenization support for external payment systems.
PRIVACY AND SECURITY WARNING: This class handles highly sensitive payment card data subject to PCI-DSS requirements. Implementers MUST ensure:
- Transmission only over HTTPS/TLS connections
- PCI-DSS Level 1 compliance for card data handling
- Never store unencrypted card numbers, CVCs, or full magnetic stripe data
- Prefer tokenization over direct card number storage
- Implement proper access controls and audit logging
- Secure data retention and deletion policies
- Compliance with applicable data protection regulations (GDPR, CCPA, etc.)
- Customer consent management for data collection and processing
Tags
Table of Contents
Constants
- ADDRESS_KEY = 'card.address'
- CITY_KEY = 'card.city'
- COUNTRY_CODE_KEY = 'card.country_code'
- CVC_KEY = 'card.cvc'
- EXPIRATION_DATE_KEY = 'card.expiration_date'
- HOLDER_NAME_KEY = 'card.holder_name'
- NETWORK_KEY = 'card.network'
- NUMBER_KEY = 'card.number'
- POSTAL_CODE_KEY = 'card.postal_code'
- STATE_OR_PROVINCE_KEY = 'card.state_or_province'
- TOKEN_KEY = 'card.token'
Properties
- $address : string|null
- $city : string|null
- $countryCode : string|null
- $cvc : string|null
- $expirationDate : string|null
- $holderName : string|null
- $network : string|null
- $number : string|null
- $postalCode : string|null
- $stateOrProvince : string|null
- $token : string|null
Methods
- fields() : array<string|int, mixed>
- Returns all non-null card fields as an associative array.
Constants
ADDRESS_KEY
public
mixed
ADDRESS_KEY
= 'card.address'
CITY_KEY
public
mixed
CITY_KEY
= 'card.city'
COUNTRY_CODE_KEY
public
mixed
COUNTRY_CODE_KEY
= 'card.country_code'
CVC_KEY
public
mixed
CVC_KEY
= 'card.cvc'
EXPIRATION_DATE_KEY
public
mixed
EXPIRATION_DATE_KEY
= 'card.expiration_date'
HOLDER_NAME_KEY
public
mixed
HOLDER_NAME_KEY
= 'card.holder_name'
NETWORK_KEY
public
mixed
NETWORK_KEY
= 'card.network'
NUMBER_KEY
public
mixed
NUMBER_KEY
= 'card.number'
POSTAL_CODE_KEY
public
mixed
POSTAL_CODE_KEY
= 'card.postal_code'
STATE_OR_PROVINCE_KEY
public
mixed
STATE_OR_PROVINCE_KEY
= 'card.state_or_province'
TOKEN_KEY
public
mixed
TOKEN_KEY
= 'card.token'
Properties
$address
public
string|null
$address
= null
Entire billing address (country, state, postal code, street address, etc.) as a multi-line string
$city
public
string|null
$city
= null
Name of city/town
$countryCode
public
string|null
$countryCode
= null
Billing address country code (ISO 3166-1 alpha-2, e.g. US)
$cvc
public
string|null
$cvc
= null
CVC number (security code on the back of the card)
$expirationDate
public
string|null
$expirationDate
= null
Expiration month and year in YY-MM format (e.g. 29-11 for November 2029)
$holderName
public
string|null
$holderName
= null
Name of the card holder
$network
public
string|null
$network
= null
Brand of the card/network (e.g. Visa, Mastercard, AmEx)
$number
public
string|null
$number
= null
Card number (PCI-DSS: use tokenization where possible)
$postalCode
public
string|null
$postalCode
= null
Billing address postal code
$stateOrProvince
public
string|null
$stateOrProvince
= null
Name of state/province/region/prefecture (ISO 3166-2 format)
$token
public
string|null
$token
= null
Token representation of the card in an external payment system (e.g. Stripe)
Methods
fields()
Returns all non-null card fields as an associative array.
public
fields() : array<string|int, mixed>
This method collects all populated payment card fields, returning them as key-value pairs with 'card.' prefix suitable for submission to SEP-09 compliant services. Implementers should prefer using tokenized card data where possible to minimize PCI-DSS compliance scope.
Return values
array<string|int, mixed> —Associative array of field keys to values