search

bendrucker / creditcards-types

Card type definitions and methods for creditcards
MIT License
71 stars 20 forks source link

Mada regex accuracy needs improvement #50

Closed nicolas-maalouf-cko closed 5 years ago

nicolas-maalouf-cko commented 5 years ago

Just to keep track of https://github.com/bendrucker/creditcards-types/pull/43 where more details were provided

bendrucker commented 5 years ago

Hey please copy any details here instead of on a merged PR

Happy to accept a PR here. Per your question eager vs. regular pattern is used to validate a partial vs. full card number. Eager aids in building forms that detect card types early.

nicolas-maalouf-cko commented 5 years ago

Hi @bendrucker

Thanks for your prompt reply, I'll paste the full details below.

The regex we worked is based solely on the BIN (first 6 digits). I assume Eager is used for BIN checks?

Any recommendations / best practices on how to proceed with the regular pattern in that case?

We're using this project for one of our solutions and we noticed that the regex used for Mada cards actually includes non-Mada Visa / MasterCard card BINs.

An example is "465943" which is a UK issued Visa card, so it's creating confusion in some situations.

There's also a new more up-to-date list of BINs that you can find here: https://docs.checkout.com/docs/mada#section-processing-payments-with-frames-and-checkout-js

We've generated a regex that seems to exclusively match all the updated BIN list:

/4(0(0861|1757|7(197|395)|9201)|1(0685|7633|9593)|2(281(7|8|9)|8(331|67(1|2|3)))|3(1361|2328|4107|9954)|4(0(533|647|795)|5564|6(393|404|672))|5(5(036|708)|7865|8456)|6(2220|854(0|1|2|3))|8(301(0|1|2)|4783|609(4|5|6)|931(7|8|9))|93428)|5(0(4300|8160)|13213|2(1076|4(130|514)|9(415|741))|3(0906|1095|2013|5(825|989)|6023|7767|9931)|4(3(085|357)|9760)|5(4180|7606|8848)|8(5265|8(8(4(5|6|7|8|9)|5(0|1))|98(2|3))|9(005|206)))|6(0(4906|5141)|36120)|9682(0(1|2|3|4|5|6|7|8|9)|1(0|1))/

I'm sure there's room to improve it, would be great if anyone can assist before I send a pull request.

bendrucker commented 5 years ago

The regex we worked is based solely on the BIN (first 6 digits). I assume Eager is used for BIN checks?

Mostly, yes. The goal of the eager pattern is to detect that a card will be a particular type as soon as possible (eagerly). The intended use case is form icons or error messaging specific to the type the user tried to supply.

Any recommendations / best practices on how to proceed with the regular pattern in that case?

The regular pattern should match a full card number. Often it is ok to have known prefixes (i.e. reuse the eager pattern) and then have the last n digits be any digit.

nicolas-maalouf-cko commented 5 years ago

Thanks, so from my understanding that should be enough for the regular pattern?

/(4(0(0861|1757|7(197|395)|9201)|1(0685|7633|9593)|2(281(7|8|9)|8(331|67(1|2|3)))|3(1361|2328|4107|9954)|4(0(533|647|795)|5564|6(393|404|672))|5(5(036|708)|7865|8456)|6(2220|854(0|1|2|3))|8(301(0|1|2)|4783|609(4|5|6)|931(7|8|9))|93428)|5(0(4300|8160)|13213|2(1076|4(130|514)|9(415|741))|3(0906|1095|2013|5(825|989)|6023|7767|9931)|4(3(085|357)|9760)|5(4180|7606|8848)|8(5265|8(8(4(5|6|7|8|9)|5(0|1))|98(2|3))|9(005|206)))|6(0(4906|5141)|36120)|9682(0(1|2|3|4|5|6|7|8|9)|1(0|1)))\d{10}$/

bendrucker commented 5 years ago

Looks good

nicolas-maalouf-cko commented 5 years ago

PR: https://github.com/bendrucker/creditcards-types/pull/51