Credit card data processing

Credit card fields are special fields in iframes. Neither the FundraisingBox nor your server has direct access to the safety critical number and secure id. So these fields need a special treatment of handling and we recommend to use our jQuery-Plugin which does a lot of helpful automatic work for you.

📘

Available now: PayPal credit card

From April 2, 2025, credit card payments is also possible via PayPal. This payment method must be activated in the FundraisingBox. Only one credit card payment can be activated.
If you have already activated credit card payments with Stripe or MicroPayment, you only need to adjust the HTML for the placeholders and hidden fields and add your style information as constructor options. Unlike Stripe, the field for credit card holders is also generated by PayPal.


Required fields

The plugin automatically loads the extra javascript if all required credit card fields with following IDs exist.

  • payment_credit_card_owner
  • payment_credit_card_number
  • payment_credit_card_number_hidden
  • payment_credit_card_secure_id
  • payment_credit_card_secure_id_hidden
  • payment_credit_card_token

Additional if micropayment is used:

  • payment_credit_card_expire_date_month
  • payment_credit_card_expire_date_year

Additional if Stripe is used:

  • payment_credit_card_expiry
  • payment_credit_card_expiry_hidden
  • payment_credit_card_network

Additional if PayPal is used:

  • payment_credit_card_expiry
  • payment_credit_card_expiry_hidden

🚧

You have to use these IDs!


Stripe example:

<div>
  <div id="payment_credit_card_owner_wrapper">
    <div class="label">
      <label for="payment_credit_card_owner">Karteninhaber/-in&nbsp;*</label>
    </div>
    <div class="field">
      <input type="text" id="payment_credit_card_owner" name="payment[credit_card_owner]" autocomplete="off">
    </div>
    <div class="error" id="payment_credit_card_owner_error"></div>
  </div>
  
  <input type="hidden" id="payment_credit_card_token" name="payment[credit_card_token]">
  <input type="hidden" id="payment_credit_card_network" name="payment[credit_card_network]">
  
  <div id="payment_credit_card_number_wrapper">
    <div class="label">
      <label for="payment_credit_card_number">Kartennummer&nbsp;*</label>
    </div>
    <div class="field">
      <div id="payment_credit_card_number"></div>
    </div>
    <div class="error" id="payment_credit_card_number_error"></div>
  </div>
  <div id="payment_credit_card_number_hidden_wrapper">
    <div class="label">
      <label for="payment_credit_card_number_hidden">Kartennummer&nbsp;*</label>
    </div>
    <div class="field">
      <input type="text" id="payment_credit_card_number_hidden" name="payment[credit_card_number_hidden]" readonly="readonly">
    </div>
    <div class="error" id="payment_credit_card_number_hidden_error"></div>
  </div>
  
  <div id="payment_credit_card_secure_id_wrapper">
    <div class="label">
      <label for="payment_credit_card_secure_id">Prüfnummer&nbsp;*</label>
    </div>
    <div class="field">
      <div id="payment_credit_card_secure_id"></div>
    </div>
    <div class="error" id="payment_credit_card_secure_id_error"></div>
  </div>
  <div id="payment_credit_card_secure_id_hidden_wrapper">
    <div class="label">
      <label for="payment_credit_card_secure_id_hidden">Prüfnummer&nbsp;*</label>
    </div>
    <div class="field">
      <input type="text" id="payment_credit_card_secure_id_hidden" name="payment[credit_card_secure_id_hidden]" readonly="readonly">
    </div>
    <div class="error" id="payment_credit_card_secure_id_hidden_error"></div>
  </div>
  
  <div id="payment_credit_card_expiry_wrapper">
    <div class="label">
      <label for="payment_credit_card_expiry">Gültig bis&nbsp;*</label>
    </div>
    <div class="field">
      <div id="payment_credit_card_expiry"></div>
    </div>
    <div class="error" id="payment_credit_card_expiry_error"></div>
  </div>
  <div id="payment_credit_card_expiry_hidden_wrapper">
    <div class="label">
      <label for="payment_credit_card_expiry_hidden">Gültig bis&nbsp;*</label>
    </div>
    <div class="field">
      <input type="text" id="payment_credit_card_expiry_hidden" name="payment[credit_card_expiry_hidden]" readonly="readonly">
    </div>
    <div class="error" id="payment_credit_card_expiry_hidden_error"></div>
  </div>
  
</div>

PayPal example:

<div id="credit-card-fields">
  <div id="payment_credit_card_owner_wrapper">
    <label for="payment_credit_card_owner">Karteninhaber*in</label>
    <div id="payment_credit_card_owner"></div>
    <small id="payment_credit_card_owner_error"></small>
  </div>
  
  <div id="payment_credit_card_number_wrapper">
    <label for="payment_credit_card_number">Kartennummer</label>
    <div id="payment_credit_card_number"></div>
    <small id="payment_credit_card_number_error"></small>
  </div>
  <div id="payment_credit_card_number_hidden_wrapper">
    <label for="payment_credit_card_number_hidden">Kartennummer</label>
    <input type="text" id="payment_credit_card_number_hidden" name="payment[credit_card_number_hidden]" readonly>
    <small id="payment_credit_card_number_hidden_error"></small>
  </div>
  
  <div id="payment_credit_card_secure_id_wrapper">
    <label for="payment_credit_card_secure_id">Prüfnummer</label>
    <div id="payment_credit_card_secure_id"></div>
    <small id="payment_credit_card_secure_id_error"></small>
  </div>
  <div id="payment_credit_card_secure_id_hidden_wrapper">
    <label for="payment_credit_card_secure_id_hidden">CVC</label>
    <input type="text" id="payment_credit_card_secure_id_hidden" name="payment[credit_card_secure_id_hidden]" readonly>
    <small id="payment_credit_card_secure_id_hidden_error"></small>
  </div>
  
  <div id="payment_credit_card_expiry_wrapper">
    <label for="payment_credit_card_expiry">Gültig bis</label>
    <div id="payment_credit_card_expiry"></div>
    <small id="payment_credit_card_expiry_error"></small>
  </div>
  <div id="payment_credit_card_expiry_hidden_wrapper">
    <label for="payment_credit_card_expiry_hidden">Gültig bis</label>
    <input type="text" id="payment_credit_card_expiry_hidden" name="payment[credit_card_expiry_hidden]" readonly>
    <small id="payment_credit_card_expiry_hidden_error"></small>
  </div>
</div>

<input type="hidden" id="payment_credit_card_token" name="payment[credit_card_token]">

iframe-inputs

As you can see in the example above there is only an empty "payment_credit_card_number"-div, a "payment_credit_card_secure_id"-div, a "payment_credit_card_expiry"-div and, for PayPal, "payment_credit_card_secure_name"-div. Our plugin injects automatically the iframe-inputs into these divs.


Styling

Styling Stripe and MicroPayment

📘

As you don't have direct access to the inputs in the iframe, you have to style the surrounding divs e.g. "#payment_credit_card_number" like they were inputs.

creditCardFieldTemplate-Option
You can provide a "template" for the iframe-inputs, in general we recommend to use the "credit_card_owner"-field. If a template is given, our plugin sets the border to "0", the width to "100%" and the background to "none" of the iframe-inputs. It also copies the height and the font-styles of the template to the iframe-inputs.
This automatic style propagation takes place on window resize as well.
By default the template is set to "payment_credit_card_owner".

myForm = $("#form").fundraisingBoxForm({
  hash: "{your_form_hash}",
  creditCardFieldTemplate: "payment_credit_card_owner"
});

📘

Custom fonts

For security reasons custom fonts are not possible in the iframe-inputs.

If you want to style the iframe-inputs directly, you can use the "creditCardStyle()"-function (see Functions). But we do not recommend this.

📘

Recommendation

Use the "creditCardCopyStyleFromTemplate()"-function (see Functions) when you toggle your credit card fieldset to ensure the correct stylings.

Focus

It's a good manner to highlight the currently focused field, but highlighting the iframe-inputs is not easily possible. So our plugin sets a "focus"-class to the "payment_credit_card_number"-div, "payment_credit_card_secure_id"-div and "payment_credit_card_expiry"-div if the respective iframe-input is focused.
You can now consider this class for your design.

Our plugin considers the other way around as well: if a label is clicked, the respective iframe-input is focused.


Styling PayPal

Add constructor options to your form in the function fundraisingBoxForm for your custom input style:

myForm = $('#form').fundraisingBoxForm({
  ...
  paypalCreditCardFieldStyles: {
    'border': '0.0625rem solid #909697',
    'border-radius': '0.25rem',
    'background': '#ffffff',
    'font-family': 'inherit',
    'font-size': '1rem',
    'line-height': '1.5rem',
    'padding': '1px 2px',
  },
  paypalCreditCardFieldInvalidStyles: {
    'border': '0.0625rem solid purple',
    'color': 'purple',
  },
});`

See the complete list of allowed style options for PayPal cardFields: https://developer.paypal.com/sdk/js/reference/#style-card-fields


Create token

If the option "autoSubmit" is active (default) the plugin automatically call the "creditCardMakeToken()"-function (see Functions and trys to create the credit card token before sending the data to the payment session. If you disable autoSubmit you have to call the "creditCardMakeToken()" by yourself.


Readonly "Hidden"-fields

After creating the credit card token, the credit card data is returned in an obfuscated format and set as the value of hidden input fields.

For Stripe and Micropayment, the card number is masked except for the last four digits. For example, 1234123412341234 will be returned as ************1234.

For PayPal, the entire card number is masked with asterisks: ****************.

The secure ID (CVV) is always fully masked as ***.

If a session contains a credit_card_token, the following wrapper elements will be hidden:
payment_credit_card_number_wrapper
payment_credit_card_secure_id_wrapper
payment_credit_card_expiry_wrapper

To display the obfuscated credit card data to the user, use the input fields of the hidden fields:

payment_credit_card_number_hidden
payment_credit_card_secure_id_hidden
payment_credit_card_expiry_hidden
These hidden fields should be readonly.


Reset and Reinitialization

The function "creditCardReset()" will reset the token, show the wrapper elements and render the iframe-inputs and hides the "_hidden"-fields.

myForm.creditCardReset(); 

Code examples

Simple Stripe credit card fields code example

<style>
  input:focus, .focus {
    border-color: #0f0;
  }
</style>

<form id="form">
	<div id="myFormFields"></div>
	<input type="submit" value="submit">
</form>

<script src="path/to/jquery.min.js"></script>
<script src="https://secure.fundraisingbox.com/js/jquery.fundraisingbox.min.js"></script>
<script>
$(function() {
    myForm = $("#form").fundraisingBoxForm({
        hash: "{your_form_hash}",
        creditCardFieldTemplate: "payment_credit_card_owner"
    });

    myForm.on("fundraisingBox:init", function(event) {
        myForm.appendFieldRowsTo("#myFormFields", [
            "payment_method",
            "credit_card_owner",
            "credit_card_token",
            "credit_card_network",
            "credit_card_number",
            "credit_card_number_hidden",
            "credit_card_secure_id",
            "credit_card_secure_id_hidden",
            "credit_card_expiry",
            "credit_card_expiry_hidden"
        ]);
      	
      	// reset the fields on payment method change
        $("#payment_payment_method").change(function() {
            if($(this).val() != "stripe_credit_card")
            {
                myForm.creditCardReset();
            }
        });
      
      	// some custom styling
        myForm.on("fundraisingBox:creditCardReady", function() {
            myForm.creditCardStyle("color", "#00f");
        });
    });
});
</script>

Simple PayPal credit card fields code Example

<form id="form">
    <div id="myFormFields"></div>
    <div id="credit_card_wrapper" style="display: none"></div>
    <div>
        <a id="jsResetCard" style="display: none">Neue Karte eingeben</a>
    </div>
    <input type="submit" value="submit">
</form>

<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
<script src="https://secure.fundraisingbox.com/js/jquery.fundraisingbox.min.js"></script>
<script>
    $(function() {
        myForm = $("#form").fundraisingBoxForm({
            hash: 'YOUR_FORM_HASH',
            sandboxHash: 'YOUR_SANDBOX_HASH',
            fbHost: 'https://secure.fundraisingbox.com',
            debug: true,
            paypalCreditCardFieldStyles: {
                border: '0.0625rem solid #909697',
            },
            paypalCreditCardFieldInvalidStyles: {
                border: '0.0625rem solid purple',
            },
        });

        myForm.on("fundraisingBox:init", function(event) {
            //append formFields
            myForm.appendFieldRowsTo("#myFormFields", [
                "amount",
                "interval",
                "first_name",
                "last_name",
                "payment_method",
            ]);

            //append creditCardFields
            myForm.appendFieldRowsTo("#credit_card_wrapper", [
                "credit_card_owner",
                "credit_card_number",
                "credit_card_number_hidden",
                "credit_card_secure_id",
                "credit_card_secure_id_hidden",
                "credit_card_expiry",
                "credit_card_expiry_hidden",
            ]);

            //append hidden field
            myForm.appendFieldTo("#myFormFields", "credit_card_token");

            //toggle creditCardFields
            const $paymentMethod = $('#payment_payment_method');
            const $creditCardWrapper = $('#credit_card_wrapper');
            $paymentMethod.on('change', function () {
                console.log('change', this.value);
                if (this.value.indexOf('credit_card') !== -1) {
                    $creditCardWrapper.show();
                    $('#jsResetCard').show();
                } else {
                    $creditCardWrapper.hide();
                    $('#jsResetCard').hide();
                }
            });

            //resetCreditCard
            $('#jsResetCard').on('click', () => myForm.creditCardReset());
        });

        myForm.on("fundraisingBox:payment", function(event) {
            if($('#payment_credit_card_token').val()) $('#jsResetCard').show();
        })
    });
</script>