Prioritize Leniency over Error Detection
Users don't need to learn complex rules for how to input a credit card number. Your application should be programmed with complex rules for how to parse a credit card number in whichever way the user wants to give it. If the user wants to put spaces between the numbers, or dashes, or just type it verbatim, that input should be accepted. The only time that validation should choke on the input is if there's ambiguity that could lead to the input being misunderstood by the system. An extra character in a credit card number could be ignored, but it implies that the number was typed in wrong. After all, which character do you eliminate.
In general, however, if any particular validation step can be turned into a smarter parser, it should be.