One of the most important functions of any eCommerce web site is credit card number storage and validation. In this article David develops a PHP class that stores the details of a credit card and validates its number using the Mod 10 algorithm.
Creating a Credit Card Validation Class With PHP - Credit card validation (Page 2 of 6 )
What does we actually mean when we say "validate a credit card number"? Quite simply it means that we run a credit cards number through a special algorithm known as the Mod 10 algorithm.
This algorithm processes some simple numerical data validation routines against the number and the result of this algorithm can be used to determine whether or not a credit card number is valid. There are several different types of credit cards that one can use to make a purchase, however they can all be validated using the Mod 10 algorithm.
As well as passing the Mod 10 algorithm, a credit card number must also pass several different formatting rules. A list of these rules for each of the six most popular credit cards is shown below:
Mastercard: Must have a prefix of 51 to 55, and must be 16 digits in length.
Visa: Must have a prefix of 4, and must be either 13 or 16 digits in length.
American Express: Must have a prefix of 34 or 37, and must be 15 digits in length.
Diners Club: Must have a prefix of 300 to 305, 36, or 38, and must be 14 digits in length.
Discover: Must have a prefix of 6011, and must be 16 digits in length.
JCB: Must have a prefix of 3, 1800, or 2131, and must be either 15 or 16 digits in length.
As mentioned earlier, in this article we will be creating a PHP class that will hold the details of a credit card number and expose a function indicating whether or not the number of that credit card is valid (i.e. whether it passed the Mod 10 algorithm or not). Before we create that class however, let's look at how the Mod 10 algorithm works.
The Mod 10 algorithm
There are three steps that the Mod 10 algorithm takes to determine whether or not a credit card number is valid. We will use the valid credit card number 378282246310005 to demonstrate these steps:
The number is reversed and the value of every second digit is doubled, starting with the digit in second place:
... becomes ...
and the value of every second digit is doubled:
5 0 0 0 1 3 6 4 2 2 8 2 8 7 3
x2 x2 x2 x2 x2 x2 x2
0 0 6 8 4 4 14
The values of the numbers that resulted from multiplying every second digit by two are added together (i.e. in our example above, multiplying the 7 by two resulted in 14, which is 1 + 4 = 5). The result of these additions is added to the value of every digit that was not multiplied (i.e. the first digit, the third, the fifth, etc):
When a modulus operation is applied to the result of step two, the remainder must equal 0 in order for the number to pass the Mod 10 algorithm. The modulus operator simply returns the remainder of a division, for example:
10 MOD 5 = 0 (5 goes into 10 two times and has a remainder of 0)
20 MOD 6 = 2 (6 goes into 20 three times and has a remainder of 2)
43 MOD 4 = 3 (4 goes into 43 ten times and has a remainder of 3)
So for our test credit card number 378282246310005, we apply a modulus of 10 to the result from step two, like this:
60 MOD 10 = 0
The modulus operation returns 0, indicating that the credit card number is valid.
Now that we understand the Mod 10 algorithm, it's really quite easy to create our own version to validate credit card numbers with PHP. Let's create our credit card class now.