 - The LUHN formula, also called modulus 10, is a simple algorithm used to validate the number on a credit card. It works on cards issued by all the major credit card companies, including American Express, Visa, Master Card, Discover, and Diner's Club. Originally created by a group of mathematicians in the 1960s, the LUHN formula is in the public domain, and anyone can use it.
The LUHN formula applies some simple arithemetic to a credit card number to calculate a number that must agree with the check digit, the last number that appears on the credit card. Here are the formula's three steps:
1. Beginning with the second digit from the end (on the right), take every other digit and multiply it by two.
2. Proceeding right to left, take each of the digits skipped in step 1 and add them to the result digits from step 1. If the result of doubling a number in step 1 resulted in a two-digit number (such as 7 + 7 = 14), use each of these digits (1 and 4) in adding the digits in step 2.
3. Subtract the result obtained in step 2 from the next higher number that ends in 0. The result must agree with the check digit.
The LUHN formula can be used by a business to make sure a credit card is valid before sending the number for debit authorization. In Canada, it is used to validate a person's Social Insurance Number. It does not verify any other information on a credit card, including whether the card's date is valid.
 |
Learn more about Web Application Security |
| Web Application Attacks Learning Guide: This guide explains how Web application attacks occur, identifies Web application attacks, and provides Web application security tools and tactics to protect against them. |
| Information security book excerpts and reviews: Visit the Information Security Bookshelf for book reviews and free chapter downloads. |
| Quiz: Could you detect an application attack?: Test your application security awareness, review common application attacks and learn how to improve application layer logging to detect and protect against these attacks. |
| Web Application Attacks Learning Guide: This guide explains how Web application attacks occur, identifies Web application attacks, and provides Web application security tools and tactics to protect against them. |
| State-based attacks: Session management: This excerpt reviews session management techniques developers can use to protect against session hijacking and other Web application attacks. |
| Content Spoofing: This excerpt from "Preventing Web Attacks with Apache" explains how content spoofing attacks exploit vulnerabilities and how to use Apache to protect against them. |
| LAST UPDATED: |
10 Oct 2006
|
 |
Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com
|
|
More resources from around the web:
|
|
Show me everything on 
