20 Mar 2010
Credit card numbers are always printed and read aloud in groups of (usually) four digits, and when verifying a number after entry (which involves looking back and forth between the card and the web form) one uses the spacing to resynchronize.
If there were some security or integrity reason for disallowing these characters, I guess I’d buy it, but I’ve not found a single good reason for it. The consensus among those that I’ve spoken to is that it’s nothing but lazy, sloppy programming. I completely agree.