E-Commerce Tip: Programmatically Validate Credit Card Numbers

Before I accept any credit card number into my application, I run a simple numerical validation against it. All major credit cards (American Express, Discover, MasterCard, and Visa) use the Luhn algorithm to validate the numbers—why not you? Although this function doesn't go the extra step of actually running the card to see if the transaction will work, it will give you a simple true/false result regarding the card number's validity. The function also ignores all non-digit characters, so your users can enter the number however they wish.

This is the function to run the algorithm on a given string of numbers:

/// <summary>
/// Validates a credit card number using the standard Luhn/mod10
/// validation algorithm.
/// </summary>
/// <param name="cardNumber">Card number, with or without
///        punctuation</param>
/// <returns>True if card number appears valid, false if not
/// </returns>
public bool IsCreditCardValid(string cardNumber)
{
   const string allowed = "0123456789";
   int i;

   StringBuilder cleanNumber = new StringBuilder();
   for (i = 0; i < cardNumber.Length; i++)
   {
      if (allowed.IndexOf(cardNumber.Substring(i, 1)) >= 0)
         cleanNumber.Append(cardNumber.Substring(i, 1));
   }
   if (cleanNumber.Length < 13 || cleanNumber.Length > 16)
      return false;

   for (i = cleanNumber.Length + 1; i <= 16; i++)
      cleanNumber.Insert(0, "0");

   int multiplier, digit, sum, total = 0;
   string number = cleanNumber.ToString();

   for (i = 1; i <= 16; i++)
   {
      multiplier = 1 + (i % 2);
      digit = int.Parse(number.Substring(i - 1, 1));
      sum = digit * multiplier;
      if (sum > 9)
         sum -= 9;
      total += sum;
   }
   return (total % 10 == 0);
}

About the Author

Eric Smith is the owner of Northstar Computer Systems, a Web-hosting company based in Indianapolis, Indiana. He is also a MCT and MCSD who has been developing with .NET since 2001. In addition, he has written or contributed to 12 books covering .NET, ASP, and Visual Basic.



Comments

  • P!P?P0QP8P1P>!

    Posted by Arel_V on 08/08/2007 04:14am

    P!P?P0QP8P1P> P>P3QP>PP5 P7P0 QQP0QQQ, P>QP5P=Q P?P>P

    P3P;P0.

    Reply
Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Hybrid cloud platforms need to think in terms of sweet spots when it comes to application platform interface (API) integration. Cloud Velocity has taken a unique approach to tight integration with the API sweet spot; enough to support the agility of physical and virtual apps, including multi-tier environments and databases, while reducing capital and operating costs. Read this case study to learn how a global-level Fortune 1000 company was able to deploy an entire 6+ TB Oracle eCommerce stack in Amazon Web …

  • "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception? Keeping data close to home, on premises, makes business and IT leaders feel inherently more secure. But the truth is, cloud solutions can offer companies real, tangible security advantages. Before you assume that on-site is the only way to keep data safe, it's worth taking a comprehensive approach to evaluating risks. Doing so can lead to big benefits.

Most Popular Programming Stories

More for Developers

Latest Developer Headlines

RSS Feeds