Domino Code Fragment

Code Name*
Credit Card Verification Formula		Date*
04/29/2024		Source (or email address if you prefer)*
Rlatulippe@romac.com
IP address:.3.14.15.94
Description*
A Luhn formula (Mod10) for credit card number verification, The main purpose of this algorithm is to avoid data entry errors, but it can also be used as a security tool. But BEWARE, it's a very weak security tool, that anybody can crack !		Type*
LotusScript		Categories*
(Misc)
Implementation:
Required Client:
Server:
Limitations:
Comments:
Is this algorithm crackable ? This algorithm is very unsecure, because with the luhn check algorithm, there are many valid credit card numbers: Far much than evry bank in the world could give... If you generate credit cards numbers randomly and apply the luhn check algorithm to each number generated, you'll get a valid credit card number in less than one second... Of course, a cracker will also modify the number in the way that it seems to originate from the bank of his choice... But this cracking technic has a weakness: The cracker is not sure that his fake credit card number is attributed to somebody. And if this number is not attributed, the bank will soon discover there is a problem. But if, luckily (for the cracker), the number is attributed, the bank will take the money on the account of someone else. And when this person will see that something is wrong with his bank account, the cracker will be far away. So, most of the time, crackers modify just two digits of a valid credit card number in order to get another valid credit cards numbers ! Very dangerous because this number is very likely to be attributed, and will have an expiration date close to the real card... So, the only way to be 100% sure of the credit card number given is to check with a credit agency: Of course, it will be still possible for a cracker to intercept valid credit cars numbers that are send unencrypted on the Internet. But, our gangster will now have to find a way to get his order by snail-mail without revealing it's own identity and not evry people can do this. And true criminals have somme better way to earn money...
Files/Graphics attachments (if applicable): Code:

The algorithm used for this purpose is the luhn check algorithm: The main purpose of this algorithm is to avoid data entry errors, but it can also be used as a security tool. But BEWARE, it's a very weak security tool, that anybody can crack ! (And i will explain you how in this document...).

First let's have a look at the number: There are many informations included inside:

The first digit indicate the card type: 4 for a Visa Card.
The middle digits code for a Bank Identifier and of course a customer identifier.
The last digit is the key, that allow to calculate a checksum with the Luhn Check Algorithm.

Now we have a number that seems to correspond to one of credit card standards, we can do the following:

"For a card with an even number of digits, double every odd numbered digit and substract 9 if the product is greater than 9. Add up all the even digits as well as the doubled odd digits, and the result must be a multiple of 10 or it's not a valid card. If a card has an odd number of digits, perform the same addition, doubling the even numbered digits instead..."


Function ValidateCC( strCC As String ) As Integer
'Credit card validation algorithm
'By Mark Dixon, Ives Development
'Derived from http://prope.insa-lyon.fr/~fcoppola/credit.html
'Parameter: strCC
' A string containing the card number to be validated.
' May contain non-numeric characters, e.g. spaces or dashes
'Return value:
' True if the card number is good, False if the number is bad

Dim nCheckSum As Integer
Dim fDbl As Integer
Dim nCharPos As Integer
Dim nChar As Integer

fDbl = False
nCheckSum = 0

'Read the card number from right to left
For nCharPos = Len( strCC ) To 1 Step -1
nChar = Asc( Mid( strCC, nCharPos, 1 ) ) - Asc( "0" )
'Only process if the current character is a digit
If 0 <= nChar And nChar <= 9 Then
If ( fDbl ) Then
nChar = nChar * 2
If 10 <= nChar Then
nChar = nChar - 9
End If
End If
nCheckSum = nCheckSum + nChar
fdbl = Not fdbl
End If
Next

If nCheckSum Mod 10 = 0 Then ValidateCC = True Else ValidateCC = False
End Function