So payment using their privacy card would look a little like this.
Merchant --> Privacy Card --> Users Real Card --> Users Bank
Where the step between Privacy Card and Real Card doesn't involve a checkout process and transaction authorisation. In bank speak they're just presenting transactions to the users bank, without first getting a transaction authorisation.
These details are important because presented transactions can't be stopped (that's what authorisation is for), they immediately move money from the users bank to the merchant, regardless of available funds or user consent, they can only be reversed via chargeback. These types of payments are called unauthorised payments, and due to the inability of bank to prevent, you're never really meant to use them, and the receiving bank has very strong rights during the chargeback process.
As a payments processor on the other side of the card network you don't want to be dealing with unauthorised payments. They're trivial to dispute, you're almost certainly breaking the card networks rules, and when they go wrong (which they 100% will), they're extremely expensive and time consuming to deal with.
Additionally in the EU, the introduction of Strong Customer Authentication basically makes these types of transaction completely illegal, and as a customer if such a transaction happened on your account you would have a right to full refund in the event of dispute, and your bank would be forced to provide it even if you had published your full card details online. You're bank would of course then go after the merchant via the card network, and then payment processors like Stripe get caught in the middle, and potentially find themselves liable for money they can no longer reclaim from the merchant, because they've already paid out the money and the dispute only happened 3 or 4 months later.