I thought all credit cards use the Mod10 (Kuhn) algorithm. I seem to remember it being a safeguard against data entry errors back in the day, so this is possibly a hangover from those days.
We never validate card numbers. We pass the card data to the processing gateway and let their APIs handle all that stuff. Less code for us to maintain. On Wed, 18 Dec. 2019, 3:33 pm Preet Sangha, <preetsan...@gmail.com> wrote: > Hi Ed, > > Thanks for that. We are an large enterprise platform doing thousands of > transactions via gateways - CC info is normally flowing through our code > except in the most secure of ways - we are PCI compliant. However to be > extra careful I'm trying to remove anything that looks like a known CC > shape from logging. It's to prevent issues in case someone inadvertently > stores CC in fields that they shouldn't. Yes there education but sometimes > mistakes happen. > > regards, > Preet, in Auckland NZ > > > > On Wed, 18 Dec 2019 at 16:57, <eddie.deb...@gmail.com> wrote: > >> Hi Preet, >> >> >> >> I don’t know of any libraries that handle this, but I do have a question >> for you. >> >> >> >> Why are you validating credit card info? >> >> >> >> I ask this because if you are validating card info then you are >> handling/processing card info. Any business handling credit card >> information should have PCI-DSS compliance. >> >> >> >> Personally, I find it is much easier to use external providers (eway, >> paypal et al) to handle the whole payment process, meaning your code never >> needs to touch a credit card number and you never have to worry about >> compliance, *security etc. >> >> >> >> Just a another random thought, YMMV. >> >> >> >> *Security of the card information >> >> >> >> Ed. >> >> >> >> *From:* ozdotnet-boun...@ozdotnet.com <ozdotnet-boun...@ozdotnet.com> *On >> Behalf Of *Preet Sangha >> *Sent:* Wednesday, 18 December 2019 2:41 PM >> *To:* ozDotNet <ozdotnet@ozdotnet.com> >> *Subject:* >> >> >> >> Would anyone know of any credit card validation/detection or similar >> libraries that we may be able incorporate into our .net framework code >> (preferably in nuget form) in order to eliminate our own hand coded regexs >> please? >> >> >> >> Regards Preet >> >> >> >
