发表新帖
发表新帖

Credit Card checksums and validations that do not require connection to the financial institution

后端 未结
关注
1 2044
醉酒成梦
醉酒成梦 2021-01-06 20:17

The validations I know of are:

  • Checksum the whole card number should add up to zero. (range is 0-9)
  • Check the first digit(s) against the card type
相关标签:
1条回答
  • 名媛妹妹
    2021-01-06 20:44

    • Card Number (aka PAN, Primary Account Number)
      Don't take any advice as gospel. The card number is comprised of a 6 digit Issuer Identification Number (IIN), an account number and a luhn check digit. The IIN ranges are constantly changing and industry sectors that rely on this information (such as Payment Processors) will generally be updated as changes occur. It's reasonably safe to assume that the card number should be between 16 and 19 digits, and start with 3, 4, 5 or 6. Beyond that trying to identify the card type from the IIN is prone to error unless you are frequently updated.

    • Luhn / Mod10 check digit.
      The last digit of the card number is a check digit to pick up transposition errors which may have occured when an operator has keyed in the card number. The wikipedia article is a good source for more info and code samples.

    • Magnetic stripe
      If you have physical access to the card, and a magstripe reader, then track 2 contains banking card info. Amongst the details are card number, expiry date, LRC (check digit) and a Service Code. The service code (only available on mag stripe) informs how the card may be used, eg only for national payments, only for use at an ATM (not as a payment card), whether cash back should be offered etc.

    • CCV / CSC / CV2
      Security digits are never embossed onto the card, or recorded on the magstripe. Should be three digits on all except Amex (always 4 digits)

    • Issue date
      Used for manual (sanity) check only. Not sent during the authorization request

    • Expiry date
      A common misconception is that expired cards cannot be used. They frequently can, but they must go through online authorization first (so that the acquiring bank has final say on whether it is permitted or not). Expiry dates can be up to 20 years in the future (and even further in some rare cases)

    • Issue number
      Only available on certain card types. Should be captured and used in the authorization request.

    0 讨论(0)
 看不清?
提交回复
热议问题