the static function validateCreditCard in CRM/Core/Payment/Form.php is used as a form rule in a variety of mostly administrative payment forms. This causes problems for:
1. SWIPE credit card processing, where the credit card number is passed in as an encrypted string (in combination with the credit card type and expiry).
2. Non-credit-card payment processing. This is not currently an issue, since those forms generally have other ways that prevent the use of direct debit, but should be fixed for the future.
The proper solution should involve:
1. Changing the form rule to instead invoke a function of the payment object, e.g. $paymentObject::validatePaymentInstrument($values, &$errors)
2. Set that function to default to invoking the existing function CRM_Core_Payment_Form::validateCreditCard
3. Allow payment processors to override that function.
For bonus points, maybe check for payment_type = 1 before invoking validateCreditCard in the default function in step 2.