Regular Expression Credit Card Filter

Unanswered Question
Apr 26th, 2007
User Badges:

I've been playing around with filters for credit cards and have yet to find one that stops all credit cards while limiting false positives because it is matching any random 16 characters.

I need one that blocks all amex, visa, mc, and discover without spaces, with spaces or with dashes.

This one has worked the best so far (it's a mish mash of filters I have found or tweaked or have been sent to me), but I think it can be improved. Any ideas? Anyone have a better filter they are using?


Discover Card:
(6011|5[1-5][0-9]{2}|4[0-9]{3}) [0-9]{4} [0-9]{4} [0-9]{4}

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
fastnoypi_ironport Mon, 08/27/2007 - 19:41
User Badges:

im not so versed at regular expressions, but i have found the following regular expressions on the web.

If someone can get these Ironport legal, maybe they might help with the false positives.

if (type == "Visa") {
// Visa: length 16, prefix 4, dashes optional.
var re = /^4\d{3}-?\d{4}-?\d{4}-?\d{4}$/;
} else if (type == "MC") {
// Mastercard: length 16, prefix 51-55, dashes optional.
var re = /^5[1-5]\d{2}-?\d{4}-?\d{4}-?\d{4}$/;
} else if (type == "Disc") {
// Discover: length 16, prefix 6011, dashes optional.
var re = /^6011-?\d{4}-?\d{4}-?\d{4}$/;
} else if (type == "AmEx") {
// American Express: length 15, prefix 34 or 37.
var re = /^3[4,7]\d{13}$/;
} else if (type == "Diners") {
// Diners: length 14, prefix 30, 36, or 38.
var re = /^3[0,6,8]\d{12}$/

thanks for the reg expression beneckij. I am still waiting to capture legit traffic, but getting false positves on South american phone numbers

jbivens_ironport Tue, 08/28/2007 - 13:36
User Badges:

Just as an FYI, in the 5.5 code coming next month there will be new options in Content Filters called smart identifiers which include credit card number where IronPort has pre-configured the credit card information into AsyncOS and it also include check bits to reduce false positives.

This is a very slick enhancement and should greatly reduce the number of false positives over the standard regex configurations discussed on this thread.


Jay Bivens
IronPort Systems


This Discussion