credit card validation

Posted on 2003-02-19
Medium Priority
Last Modified: 2013-11-29
my question is regarding credit card no. validation. I want to accept payment by credit card on my web site. I have bank merchant account (also know about secure certificate). I'm not using any shopping cart program. I developed my own asp page to choose prdoucts and place your order. My question is how can I validate credit card number? Any other web site, accecpting credit card validate the card number and what are other necessary informations are require? Is shooping cart is must or asp page developed by me will work ? Please cover all points and guide me.
Question by:enters

Accepted Solution

AmericanDogma earned 400 total points
ID: 7984046
Here is a card number validation script:


I use a modified version of this that I found a year back or so.  


If all you want to do is verify a CC# is a valid date and number then you can use this;

    ccmsg = ""
' check user's input to make sure
' something was entered for each input.
    If cctype <> "visa" And cctype <> "americanexpress" And cctype <> "mastercard" Then
         ccmsg=ccmsg & "You entered an unknown Credit Card.<br>"
    End If

    If Not(IsNumeric(ccnumber)) Or Not(Len(ccnumber) >= 13) then
         ccmsg=ccmsg & "You must enter a valid Credit Card number.<br>"
    end if

    'check the date
    if ccexpire="" or not(isdate(ccexpire)) then
         ccmsg=ccmsg & "You must enter a valid Expiration date.<br>"
    end if

    if ccmsg <> "" then
         response.redirect("payment.asp?ccmsg=" & Server.URLEncode(ccmsg))
    end if

However if you want to ensure that a CC# is valid for processing then you will nned to use a CC processing center, there are dozens that do this, here is a brief list;

DPI Merchant Services
ECX QuickCommerce 3.0
Epoch Systems
ePoint Processing
eProcessing Network
iBill Processing
IntelliPay ExpertLink
iTransact RediCharge
LinkPoint Secure
MCPS WebLink
PayCom Processing
PayReady Link
PaySystems (RevEcom)
Planet Payment
RTWare WebLink
Trust Ecommerce
VeriSign PayFlow Pro
ViaKlix (Nova)

Expert Comment

ID: 7986647
There is a service (for UK) called Netpayments which allows you to use their system to securly collect credit card information which you can then use to take payment.


Expert Comment

ID: 7988731
Is netpayments free.

There are countless merchant accoutn and credit card validation companies however non of which I have ever seen are free.
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!


Expert Comment

ID: 7997937
If you want to be able to accept payment for products/services online, then you are going to have to pay. However, you could collect the card details yourself but you would need to ensure your method was secure. If were going to do that, I would recommed:

* Purchase a dedicated servers
* Pay extra for added security
* Get 128 Bit SSL
* Secure your database
* Use PGP

This will cost a heck of a lot!

That is where the companies such as WorldPay or Netpayments come in. They already have all the security equipment which means you don't have to pay extra for it. As you already have a merchant account, then Netpayments would be the best - they only charge £9.95 per month!

Expert Comment

ID: 8046858
OH yeah, and how are you going to store this credit card information?

Are you using SSL or any kind of encryption?

What kind of security measures are using to control the privacy and security of that data.

I find it easiest to go with an external source, but it depends on your situation, and what kind of resources you have.

Also it depends on what methods you want to offer...

And how you want to validate them...There is also a trend to start asking for the special number that is on the back of the credit card number...

You have to do a lot of planning to make sure all aspects of the order are taken care of.

I went this whole process as part of a new site i just finished completing.
LVL 10

Expert Comment

ID: 8085894
you won't find it for free.  you'll need a payment gateway like http://www.authorize.net 

there are others as well, but having a merchant account isnt enough.


Expert Comment

ID: 8092770
Having a merchant account the the hardest hurdle to get over in this business. Since you all ready have one I am assuming that you're a brick and mortar business as well.

I dont konw much about asp so I wont post any code but I think you can figure it out. I also dont know much about your business or technological situation but here gos:

First off you're going to need access to an SSL (secure socket layer), this is a special section of the server your running on that will encrypt and decrypt information coming to and going from it.
SSL is denoted by the little lock symbol (IE) the HTTPS insead of HTTP in the address bar ect. You're whole website dosen't have to be on SSL just the CC processing protion of it. If your using a hosting company they'll charge a little extra per mo (mine is $5.00)

Second.... Create a form on your checkout page (on SSL) with your $$$ totals with everything added up so the final $$$ ammount that will be charged to thier credit card is displayed. Make sure that the customer knows exactly how much money will be debited from his account for this is the #1 reason that people request chargebacks. On the form you'll obviously have fields like CC number, Exp date and others... This form will be passed on to....

Your new best friend... your transaction company... Choosing one is of the upmost importance and should require a substantial amount of research. Definatley get one that you have to pay for... Nothing in this world if free especially not CC trannys

If anyone is offering them for free I would stay far far away. I'd put my money on them being scams.
Processing CC's on the internet will usually entails:
1. A set-up fee
2. A monthly fee
3. A per-transaction fee
4. A "cash-out" fee
5. A percentage of your charge (typically called a discount fee)

yes, a discount fee, a discount of your profits. Any where from %.9
to %5.0 depending on the company and the volume of transactions you do with them. I know its a lot of fees but there's nothing you can do to avoid them aside from installing a processing machine in your living room... Personally I would find a company in your hometown and visit them in person. Make sure they give you literature outlining every little nuance in they contract, trust me you'll thank your self later (in small claims court)

As for acutal processing of the card...
Don't store any of the customer's CC information in your database or on your server. And let them know that. On my website I make sure that the customer knows that absolutley none of their CC info is stored anywhere and the session cookie is destroyed as soon as the card is accepted or declined.
This gives the customer piece of mind and lets the legal burden off of yourself.
The transaction process outlined:

your SSL server ------> transaction company SSL server ------> credit card company (accept or decline) ------>transaction company SSL server ------> yor SSL server

here you will tell your customer that his card has been accepted or declined simple as that...
I have never seen a reason to store any credit card information (except for recurring transactions) and I wouldn't want anyone storing mine.

if your looking for more information the companies are the best place to go. Although bias for information go to the sources. I've found that www.beanstream.com has a great source...

I hope this opens your eyes some...


Expert Comment

ID: 8161847
Verisign offers a nice dll called Verisign Pay Flow Pro.

You can talk to directly from asp if you want to build your own solution.  You just send it the information and it sends you the results - It checks card, expiration, zip code, the 3 or 4 digit number on the physical card, etc.

You never need to leave your site for a 3rd party interface - but your host needs to register the dll on their server (most hosting services shouldn't have a problem with this proven company though, they might already have it installed.)

 - Pete

Expert Comment

ID: 8231241
Here is what I recommend you do:

(1) use a simple script to validate the credit card number
(2) store the credit card numbers in the database
(3) export the orders in a csv file
(4) have your merchant process those orders for you (most merchants provide this for free).

This is the fastest way to get going.

Expert Comment

ID: 8395905
this code is pretty effective, not complete but you should get the jist

if (!LuhnCheck(ccNum) || !validateCCNum(ccType,ccNum))
 alert('Please enter a valid card number');
 result = false;

function LuhnCheck(str)
  var result = true;

  var sum = 0;
  var mul = 1;
  var strLen = str.length;
  for (i = 0; i < strLen; i++)
    var digit = str.substring(strLen-i-1,strLen-i);
    var tproduct = parseInt(digit ,10)*mul;
    if (tproduct >= 10)
      sum += (tproduct % 10) + 1;
      sum += tproduct;
    if (mul == 1)
  if ((sum % 10) != 0)
    result = false;
  return result;

function validateCCNum(cardType,cardNum)
     var result = false;
     cardType = cardType.toUpperCase();
     var cardLen = cardNum.length;
     var firstdig = cardNum.substring(0,1);
     var seconddig = cardNum.substring(1,2);
     var first4digs = cardNum.substring(0,4);

     switch (cardType)
          case "VISA":
               result = ((cardLen == 16) || (cardLen == 13)) && (firstdig == "4");
          case "MASTERCARD":
               var validNums = "12345";
               result = (cardLen == 16) && (firstdig == "5") && (validNums.indexOf(seconddig)>=0);
          case "SWITCH" :
        case "SOLO" :
        case "DELTA" :
               result = (cardLen == 16);

     return result;

Expert Comment

ID: 8729885
Not sure how complex you're online "store" will be, but you can try setting up a merchant account with http://www.2checkout.com/ or a Paypal merchant account http://www.paypal.com 

Those will allow you to accept credit cards on your site by setting up special links for your products.

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While opting for any web-to-print solution, you need to discuss with your team and some of your end users and know their opinions about your decisions. In this article we list down some questions you need to ask yourself.
How does storytelling impact the web? What goes into a great story on the web? And how can it be used for marketing purposes? All of these questions will be answered.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question