 # Best Practices for Payment Forms

Reduced Errors = Happy Customers

Forte's payment processing systems can integrate with any payment entry form, giving you complete control over the look and functionality of your UI/UX. To ensure a positive user experience that prevents errors and minimizes security risk, Forte recommends the following best practices when creating payment forms.

Payment forms should support card images for all card types including Discover, Visa, MasterCard, and American Express. The Credit Card Number field should be limited to between 12 and 19 digits (most cards have between 13 and 16 digits) and should perform Luhn and range validations on provided card numbers.

### The Luhn Algorithm

The Luhn Algorithm uses a simple checksum formula to validate credit card numbers and protect against accidental errors such as simple typos. The formula verifies a calculated number against a check digit that is appended to the account number. To be valid, an account number must pass the following test:

1. From the rightmost digit (i.e., the check digit), double the value of every second digit. If the product of this doubling is greater than 9 (e.g., 8 x 2 = 16), then add the digits of the products (e.g., 16: 1 + 6 = 7).
2. Add all the individual digits (from the doubled digits and the non-doubled digits).
3. If the total modulo 10 is equal to 0 (that is, if the total ends in zero), then the account number is valid.

For example, assume an account number "7992739871" will have a check digit added, making it "7992739871x":

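| Account number | 7 | 9 | 9 | 2 | 7 | 3 | 9 | 8 | 7 | 1 | x |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Double Every 2nd Digit | 7 | 18 | 9 | 4 | 7 | 6 | 9 | 16 | 7 | 2 | - |
| Sum of All Digits | 7 | 9 | 9 | 4 | 7 | 6 | 9 | 7 | 7 | 2 | = 67 |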

To obtain the check digit,

1. Compute the sum of the digits. In our example this sum would be 67.
2. Take the units digit (7) and subtract it from 10 (3).
3. The result, 3, is the check digit. If the sum of the digits ends in 0, then the check digit is also 0.

This makes the full account number in our example 79927398713.

#### Verifying the Check Digit

The following code verifies the validity of a check digit with a given account number. This implementation is in Python.

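```python
def luhn_checksum(card_number):
    def digits_of(n):
        return [int(d) for d in str(n)]
    digits = digits_of(card_number)
    # Counting from the right: the check digit and every second digit after it
    odd_digits = digits[-1::-2]
    # The digits in between, which are the ones that get doubled
    even_digits = digits[-2::-2]
    checksum = 0
    checksum += sum(odd_digits)
    for d in even_digits:
        # Add the digits of each doubled value (e.g., 16 -> 1 + 6)
        checksum += sum(digits_of(d*2))
    return checksum % 10


def is_luhn_valid(card_number):
    return luhn_checksum(card_number) == 0
```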

#### Calculating the Check Digit

To calculate the check digit, you must adapt the original algorithm by appending a zero check digit to the partial number and calculating the checksum. If the (sum mod 10) == 0, then the check digit is 0. Otherwise, the check digit = 10 - (sum mod 10).

The following code calculates the check digit. This implementation is in Python.

```python
def calculate_luhn(partial_card_number):
    # Append a zero check digit, then compute the checksum of the result
    check_digit = luhn_checksum(int(partial_card_number) * 10)
    return check_digit if check_digit == 0 else 10 - check_digit
```

### Bank Card Numbers

Bank card numbers, or primary account numbers, have an internal structure that shares a common numbering scheme. These numbers identify the card, which is then electronically associated by the issuer to the customer and customer's bank account. Bank card numbers (specifically numbers allocated in accordance with ISO/IEC 7812 specifications) align with the following structure:

• The number begins with a six-digit Issuer Identification Number (IIN), the first digit of which is the Major Industry Identifier (MII).
• The number contains a variable length (up to 12 digits) individual account identifier.
• The number contains a single check digit calculated using the Luhn algorithm.

 M I I I I I A A A A A A A A A C

M: Major Industry Identifier
M + I: Issuer Identification Number
A: Account Number
C: Check Digit

#### Major Industry Identifiers

The first digit of a credit card number represents the entity category of the issuer as the Major Industry Identifier. For example, American Express and JCB are in the travel and entertainment category while VISA, MasterCard, and Discover are in the banking and financial category. The following displays the full list of digits and their corresponding industry categories:

0 - ISO/TC 68 and other future industry assignments

1 - Airlines

2 - Airlines and other future industry assignments

3 - Travel and entertainment and banking/financial

4 - Banking and financial

5 - Banking and financial

6 - Merchandising and banking/financial

7 - Petroleum and other future industries

8 - Healthcare, telecommunications, and other future industry assignments

9 - National assignment

#### Issuer Identification Numbers

The first six digits of a bank card number (including the Major Industry Identifier digit) are the Issuer Identification Number (IIN). The IIN identifies the issuer and can be used to validate transactions for online merchants. The following chart displays the IIN ranges of common issuers.

| Issuing Network | IIN ranges | Length | Validation |
|---|---|---|---|
| American Express | 34, 37 | 15 | Luhn Algorithm |
| Diners Club Carte Blanche | 300 - 305 | 14 | Luhn Algorithm |
| Diners Club International | 300 - 305, 309, 36, 38 - 39 | 14 | Luhn Algorithm |
| Diners Club United States and Canada | 54, 55 | 16 | Luhn Algorithm |
| Discover Card | 6011, 622126 - 622925, 644 - 649, 65 | 16 | Luhn Algorithm |
| JCB | 3528 - 3589 | 16 | Luhn Algorithm |
| MasterCard | 51 - 55 | 16 | Luhn Algorithm |
| VISA | 4 | 13, 16 | Luhn Algorithm |
| VISA Electron | 4026, 417500, 4405, 4508, 4844, 4913, 4917 | 16 | Luhn Algorithm |
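As an added example (not Forte's code), the following combines the IIN chart above with the 12-to-19-digit limit and the Luhn check described earlier on this page into one form-side validator. The names `CHART`, `parse_ranges`, `luhn_ok` and `validate_card` are chosen for this illustration, and the longest-prefix rule used to separate overlapping entries such as VISA and VISA Electron is an assumption of the example.

```python
import re

# IIN chart transcribed from the table above: (network, IIN ranges, valid lengths).
CHART = [
    ("American Express", "34, 37", {15}),
    ("Diners Club Carte Blanche", "300-305", {14}),
    ("Diners Club International", "300-305, 309, 36, 38-39", {14}),
    ("Diners Club United States and Canada", "54, 55", {16}),
    ("Discover Card", "6011, 622126-622925, 644-649, 65", {16}),
    ("JCB", "3528-3589", {16}),
    ("MasterCard", "51-55", {16}),
    ("VISA", "4", {13, 16}),
    ("VISA Electron", "4026, 417500, 4405, 4508, 4844, 4913, 4917", {16}),
]

def parse_ranges(spec):
    """Turn '300-305, 309' into [(prefix_len, low, high), ...]."""
    ranges = []
    for part in spec.split(","):
        low, _, high = part.strip().partition("-")
        ranges.append((len(low), int(low), int(high or low)))
    return ranges

def luhn_ok(pan):
    """Double every second digit from the right; valid when the total ends in 0."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def validate_card(raw):
    """Return (ok, network, reason) for a card number typed into the form."""
    pan = re.sub(r"[ -]", "", raw)          # tolerate grouping spaces and hyphens
    if not re.fullmatch(r"[0-9]{12,19}", pan):
        return (False, None, "must be 12 to 19 digits")
    if not luhn_ok(pan):
        return (False, None, "failed Luhn check")
    best = None                              # longest matching IIN prefix wins
    for network, spec, lengths in CHART:
        for plen, low, high in parse_ranges(spec):
            if low <= int(pan[:plen]) <= high and (best is None or plen > best[0]):
                best = (plen, network, lengths)
    if best is None:
        return (False, None, "IIN not in chart")
    if len(pan) not in best[2]:
        return (False, best[1], "wrong length for network")
    return (True, best[1], "ok")
```

Where two chart entries match with the same prefix length (54 and 55 appear under both Diners Club United States and Canada and MasterCard), the entry listed first in the chart is reported; both require 16 digits, so the pass/fail result is unaffected.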

For payment forms that capture bank account information, Forte recommends making the Bank Name field optional. Additionally, the Routing Number field should be limited to nine digits for banks in both the US and Canada.

To help reduce keypunch errors, Forte recommends placing the Account Number field after the Routing Number field and including a second Account Number Confirmation field that is limited to a range of 3 to 17 digits. After the user initially enters the account number, the field should mask the value and show only the last four digits while the user enters the account number in the confirmation field. If the field values do not match, the user should be able to click within either field to correct the inconsistencies.

Validation checks must be performed on values entered into the Routing Number field. Routing numbers for US banks are generally between 010000000 and 399999999 with the 9th digit as the check digit (verified by a formula similar to the Luhn Algorithm). Routing numbers for Canadian banks are also nine digits long, but do not contain check digits.

### US Routing Numbers

Most US routing numbers appear in the 9-digit Magnetic Ink Character Recognition (MICR) format and contain the following identifiers: Federal Reserve Routing Number, ABA Institution Identifier, and the check digit.

 X X X X Y Y Y Y C

X: Federal Reserve Routing Number
Y: ABA Institution Identifier
C: Check Digit

#### Federal Reserve Routing Number

The Federal Reserve Routing Numbers were systematically assigned to reflect a bank's geographical location and internal handling by the Federal Reserve. With banking consolidation, however, the link between the digits of a routing number and the location of a financial institution is tenuous at best: many banks use routing numbers from now-defunct banks, the Federal Reserve no longer assigns specific numbers for thrifts, and check processing is now performed in centralized locations within each Federal Reserve district. For more information on the history of Federal Reserve Routing Numbers, consult the Federal Reserve.

#### ABA Institution Identifier

The fifth through eighth digits of a routing number represent the bank's unique ABA identity within the given Federal Reserve district.

#### Check Digit

The last digit in a routing number is the check digit, which provides a checksum test using a position-weighted sum of each of the previous digits. For a check digit to be valid, the following formula must hold true:

3(d1 + d4 + d7) + 7(d2 + d5 + d8) + (d3 + d6 + d9) mod 10 = 0

For example, using the formula with the valid routing number for the Bank of America in Virginia, 111000025, we get:

3(1 + 0 + 0) + 7(1 + 0 + 2) + (1 + 0 + 5) mod 10 = 0.

To generate/verify the ninth digit in the checksum, rearrange the formula to solve for d9:

d9 = 7(d1 + d4 + d7) + 3(d2 + d5 + d8) + 9(d3 + d6) mod 10

Using this equation, we can verify the check digit in the 111000025 routing number:

7(1 + 0 + 0) + 3(1 + 0 + 2) + 9(1 + 0) = 25 mod 10 = 5

The resulting 5 matches the given check digit.

To verify the check digit on your payment form, use the following Python code:

```python
d = "111000025"
d = [int(c) for c in d]
# d[0] is d1 in the formula above, so d[8] is the check digit d9
checksum = (  # do the math!
    7 * (d[0] + d[3] + d[6]) +
    3 * (d[1] + d[4] + d[7]) +
    9 * (d[2] + d[5])
) % 10
print(d[8] == checksum)
```

The Canadian Payments Association regulates Canadian routing, or transit, numbers. Transit numbers adhere to the following format:

 0 X X X X X Y Y Y

X: Branch Number
Y: Institution Number

#### Branch Numbers

Typically, the last digit of a branch number indicates the geographical location of the branch. The following digits correspond to locations:

0 - British Columbia and Yukon

1 - Western Québec (including Montreal) and surrounding areas

2 - Ontario (including Toronto) and surrounding areas

3 - Nova Scotia, Prince Edward Island and Newfoundland excluding Labrador

4 - New Brunswick

5 - Eastern Québec including Labrador

6 - Eastern Ontario including Ottawa and surrounding areas

7 - Manitoba and North-Western Ontario

9 - Alberta, the Northwest Territories and Nunavut

#### Institution Numbers

Generally, the institution numbers for banks start with 0, 2, 3, or 6; credit union institution numbers begin with 8; and trust company institution numbers begin with 5. For a full list of Canadian financial institutions, consult the Canadian Payments Association's Financial Institution File (FIF) or the Financial Institutions Branch Directory (FIBD).
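As an added example (not Forte's code), the following applies the bank account rules from this page together: the US range and check digit, the Canadian 0XXXXXYYY layout with no check digit, the 3-to-17-digit account number, the matching confirmation field, and the last-four mask. The function names and the `country` values "US" and "CA" are assumptions of this illustration.

```python
import re

def us_routing_ok(rtn):
    """Nine digits, inside 010000000-399999999, weighted sum divisible by 10."""
    if not re.fullmatch(r"[0-9]{9}", rtn):
        return False
    if not 10000000 <= int(rtn) <= 399999999:
        return False
    d = [int(c) for c in rtn]
    total = (3 * (d[0] + d[3] + d[6]) +
             7 * (d[1] + d[4] + d[7]) +
             (d[2] + d[5] + d[8]))
    return total % 10 == 0

def ca_transit_ok(rtn):
    """Layout 0XXXXXYYY; Canadian numbers carry no check digit to test."""
    return re.fullmatch(r"0[0-9]{8}", rtn) is not None

def mask_account(account):
    """Show only the last four digits while the confirmation is typed."""
    return "*" * max(len(account) - 4, 0) + account[-4:]

def validate_bank_fields(country, routing, account, confirmation):
    """Return the list of fields the user must correct (empty when all pass)."""
    errors = []
    check = us_routing_ok if country == "US" else ca_transit_ok
    if not check(routing):
        errors.append("routing")
    if not re.fullmatch(r"[0-9]{3,17}", account):
        errors.append("account")
    elif account != confirmation:
        errors.append("confirmation")
    return errors
```

Because Canadian transit numbers have no check digit, a mistyped digit in one passes the format test, which is why the confirmation field and a lookup against the institution directory matter more for those entries.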

## Sources

1. Wikipedia contributors, "Bank card number," Wikipedia, The Free Encyclopedia, http://en.wikipedia.org/wiki/Bank_card_number (accessed January 5, 2015).
2. Wikipedia contributors, "Luhn algorithm," Wikipedia, The Free Encyclopedia, http://en.wikipedia.org/wiki/Luhn_algorithm (accessed January 5, 2015).
3. Wikipedia contributors, "Routing Transit number," Wikipedia, The Free Encyclopedia, http://en.wikipedia.org/wiki/Routing_transit_number (accessed January 5, 2015).