The Algorithm that Keeps your Credit Card Secure

Chances are you have a credit card in your wallet. On the front is usually your name, some other information like your bank and the card carrier like Visa, MasterCard, etc., and a string of 16, 15, 0r 14 digits. These digits vary from card to card and they’re enough for merchants to transact business with your bank on your behalf. However, this string of numbers isn’t random, in fact, there’s a secret code in there that validates your card and keeps it safe, all in the number structure.

It’s a low-tech mathematical algorithm called the Luhn Formula. Invented by Hans Peter Luhn in 1954, this mathematical tool actually dates back to before the existence of credit cards. Even with that fact, it’s included in every credit, debit, and ATM card on earth – and it also makes for a mind-blowing bar trick if people don’t know it.

Here’s how it works.

First, write out your or any credit card on a piece of paper. Below is a randomly generated Visa Card number (not real).


Now, you’ll double every other number starting with the second number from the right and write them below the card number. Like this (doubled numbers bolded):


8 9 0 4 16 3 18 8 4 2 8 8 10 9 10 9

After doing that, for any 2 digit sums, you’ll sum together both digits to get a single number. Taking the sum string from above, you’ll get (2 digit sums in red):

8 9 0 4 16 3 18 8 4 2 8 8 10 9 10 9

8 9 0 4 7 3 8 4 2 8 8 1 9 1 9

Finally, add together all the numbers you are left with in the string, doubled and original, like below.

8+9+0+4+7+3+9+8+4+2+8+8+1+9+1+9 = 90

If that number is divisible by 10, then it’s a valid card number. If the final sum isn’t divisible by 10, then the card number isn’t valid (or you calculated it wrong). In the case of our sample number, it’s just not in use.

This algorithm is used to calculate every single card number on earth. Visa, MasterCard and Discover all have 16 digit numbers, American Express has 15, and Diners Club/Carte Blanche have 14.

Each different card issuer will have different subcategories of what numbers mean in their string, like issuer ID, account number, etc., but they all have to line up with the Luhn algorithm.

Back to the Luhn algorithm, the last number in your credit card number is referred to as the check digit. As the computer runs the algorithm. It will complete its sum without the last number. Using the number above as an example (x-variable used for check digit:

8 9 0 4 7 3 8 4 2 8 8 1 9 1 9

8+9+0+4+7+3+9+8+4+2+8+8+1+9+1+x = 81 + x

Now the computer can look back at the original card, see that the last digit is, in fact, a 9, and when added to the sum it creates a number divisible by 10. This divisibility by 10 we see in the Luhn algorithm also lends to its alternative name of Modulus 10 or Mod 10.

The algorithm was initially used to detect data entry errors and verify number strings, not as a defense against fraud. However, today it functions as a great first flag for fraud detection software on Credit Card issuers internal systems.

This algorithm isn’t just used for credit cards either, it’s also used in IMEI cards in cell phones and commonly in insurance identifier numbers. Ethernet networking also uses check digits to ensure data arrives just like it was sent and didn’t get garbled along the way. Algorithms utilizing Luhn methodology are seen all across our modern digital infrastructure.

Trevor is a civil engineer (B.S.) by trade and an accomplished writer with a passion for inspiring everyone with new and exciting technologies. He is also a published children’s book author and the producer for the YouTube channel Concerning Reality.

It's only fair to share...Share on Facebook0Share on Google+0Tweet about this on TwitterShare on LinkedIn0