Reputation: 21
How do websites determine if a credit card number is valid?
I was browsing through a web app which had functionality to link credit card, I got reminded that usually these kind of pages have a functionality where they would tell us right away if card number is valid. How do they do this? I think no such sites sends requests to the server to check this and this is done at client side but I couldn't find anything in the JS code. How this is usually done?
Am not asking for code just the logic, how do web apps check if a CC is valid or not? I know that first 4 digits tell about the company (visa, mastercard etc) but I didn't found any code in JS which said if number = XXXX its mastercard or something like this.
Upvotes: 2
Views: 6492
Answers (1)
Reputation: 219934
Your assumptions are incorrect.
For starters, the only way to tell if a credit card is valid is to actually charge a payment against it. Without communicating with the card issuing bank, and a transaction is the only way to do that, it is impossible to tell if a card is valid or not. Since it is never a good idea to charge a credit card without permission it is a best practice to perform what is called an Authorization Only, or AUTH ONLY, transaction which will freeze a set amount against a credit card for future capture. Using an amount of $0.01 is recommended as anything you freeze will be unavailable to that cardholder until you either capture that amount, void that transaction, or the authorization releases itself about one month later.
One thing that is common to do is verify if a credit card number is probably valid. If it is not possible, or suitable, to do the check detailed above, you can determine if a card is likely to be valid based on several factors.
- The card passes the Luhn algorithm
- The BIN number is valid
The Luhn algorithm is a simple checksum formula used to validate a variety of identification numbers, such as credit card numbers. There is free code available for doing this check in many languages.
Bank Identification Numbers, or BIN numbers, apply to Visa and MasterCard among others, and the first n number of digits of the card number will tell you what bank issued that credit card. I know that there are lists available of current BIN numbers and you can check to see if a card has a valid BIN as part of your pre-validation.
If you combine the Luhn algorithm with BIN number checks you can do a pre-validation of credit cards and eliminate many incorrect cards from being used quickly and without expense. But to be 100% sure a credit card exists you must perform a transaction with the AUTH ONLY being the correct way to validate the card.
Upvotes: 4
Related Questions
- How to validate a credit card number
- How do you detect Credit card type based on number?
- Wanted to check if a credit card number is valid or not
- Credit Card number Validation algorithm
- Credit Card Number Validation
- how to validate credit card info(billing, card number etc) through authorize.net?
- Validating card credit numbers
- Validating Credit Card Information - CVV Numbers
- how to validate credit card number and Card Code Verification (ccv)
- Verifying Credit Card Number (beyond format)