Answering your Q, this works with every card #, and has been used for client-side card validation for a very long time. See validation kits like Peter Blum, etc …

Related to comments – it’s astonishing is that sites ask for card type at all. It always is a bit irritating too when phone card takers, like florists, ask for card type. Card type is not a field used by any card processor that I am aware of, and even if it was needed it could be determined from the card number as described above. Whenever ecom sites ask users for card type, they are just wasting our time!

The same is true, actually, for “name on card”. No card processor uses the “name on card” field for validation or other processing. It’s also a useless field to ask customers for …

What is TRULY astonishing is that a system designed in the 1950s is now the basis for so much of our electronic commerce. We have such a wealth of means to authenticate people on the web … and yet we still use CC number, expiration, CVN, and house number/zip. (And give the card networks 2.5% of the transaction for the privilege) …

Some have probably heard of Square by now- the credit card service being developed by Twitter founder Jack Dorsey. (For those who haven’t, see http://squarecreditcardreader.com )

This new way of using credit cards would put that capability in the hands of ordinary folk who would for one reason or another, rather take a card transaction than mess with cash.

I personally think it will get big, and was thinking how if they used this Luhn algorithm, it might serve as an added plus to assure a person paying and accepting that the transaction went through correctly.

Thanks for keeping us on our algorithmic toes Mike. :)

Jeff: Yep, messaging is key there.

Adam: Interesting. Yeah, I don’t think it’s an uncommon step on the server side. Just uncommon to give feedback to the user before they’ve actually submitted anything. There was a small debate about “feedback before submission” a couple of years ago when people started actually sending form input to servers via AJAX. The general consensus was that it was a creepy practice and except under circumstances where there was little chance any sort of sensitive info would be inputed, it shouldn’t be done. An example of where it seems to be ok is username availability checking.

I don’t think it’s an uncommon step.

-adam

I’ve never heard anyone mention it was creepy or suspicious, but know that it’s made the process smoother.

Using appropriate messaging rather than (or in addition to) the check would make this clearer. Using just a checkmark would be confusing/suspicious to me. Some may think that my card has been authorized or even charged (and may increase cart abandonment).