# CVC Collection Requirements

Stripe requires that merchants collect card verification codes (CVCs) from customers when collecting card details on a client-side surface using a publishable key in order to maintain transaction security. This requirement excludes cases where collection isn’t possible, like digital wallets (Link, Apple Pay, Google Pay) and card details collected in-person using Terminal.
Attempting to charge cards collected client-side without a CVC results in an API error. We recommend securely collect cards details using one of these integration patterns:
1. Use a [pre-built hosted surface](https://stripe.com/docs/payments/online-payments) for an optimized checkout experience that automatically collects all required details from cardholders.
1. If you’re using [Stripe.js](https://stripe.com/docs/js), use the [payment Element](https://docs.stripe.com/js/element/payment_element) to collect complete card details from buyers.
1. If you’ve built your own frontend which collects card details and passes them to the Stripe API using your publishable key, collect the CVC on your frontend and [pass it to the Stripe API](https://stripe.com/docs/api/payment_methods/create#create_payment_method-card-cvc) along with other card details like the card number and expiry date.
If notice another use case where you can't collect CVCs, reach out to Stripe support.