How to Detect Plaintext Credit Card Numbers from the Traffic …
The Payment Card Industry (PCI) Data Security Standard (DSS) requires that credit card information be protected. Among other things, the standard requires that credit card numbers must not be transferred unencrypted over public networks, such as the Internet, or any wireless networks (WLAN, GSM, etc.).
I figured that StoneGate IPS would be pretty good at verifying that this requirement is kept. Why not make a custom situation for the StoneGate IPS that would alert every time it sees a plaintext credit card number in the network?
It turned out that Wikipedia has a pretty good page that describes how credit card numbers are made up. Some old cards may still use 13-digit numbers, but all the major and currently used cards use 14, 15 or 16 digits. The first 6 digits are called the Issuer Identification Number (IIN) and they specify the institution that issued the card. The next seven, eight or nine digits are the account number and the last digit is a checksum for the card.
Different major cards use slightly different digit groupings. The most typical grouping (used by Visa and Mastercard, perhaps also others) is four digits + four digits + four digits + four digits. American Express uses four digits + six digits + five digits. It should be noted that the digit groupings are a different matter from the boundary between the issuer (IIN number) and the account number! The grouping could be important to detect, however, if it is used in the card numbers while in transit over the network.
Thus we are able to make the fingerprint for the cards:
(?x)
.*[0-9]{14,16}|
.*[0-9]{4}[\-\x20][0-9]{4}[\-\x20][0-9]{4}[\-\x20][0-9]{4}|
.*[0-9]{4}[\-\x20][0-9]{6}[\-\x20][0-9]{5}
The 2nd line searches for number sequences 14, 15 or 16 characters long.
The 3rd line searches for four four-digit number groups that are separated by a “-” sign or by a space.
The fourth line searches for three number groups (four digits, followed by six digits, followed by five digits), separated by a “-” sign or by a space.
Note the “|” (OR) sign at the end of the 2nd and 3rd lines. It tells the IPS that if any of the lines 2, 3 or 4 matches, the situation is a “match”.
The context for the new fingerprint depends on where you want to inspect the traffic. If you want to ensure that the web application itself does not ask for the card input over plaintext HTTP, you could add the fingerprint to the “HTTP Normalized Request-Line” context. If you want to find out whether the web server is showing the card information back to the client in plaintext, add the fingerprint to the “HTTP Server Stream” context.
Other perhaps interesting contexts would be “FTP Download Stream” and “FTP Upload Stream” to detect card number transfers inside FTP data connections.
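The fingerprint can be tried offline before it is loaded into the IPS. The following Python sketch is an added example, not StoneGate code or code from the original post: it applies the same three alternatives to a constructed request line and server response, and goes one step beyond the fingerprint by verifying the check digit with the Luhn algorithm (the standard checksum for payment card numbers) so that ordinary long numbers do not raise alerts. The sample strings, the function names and the digit lookarounds are assumptions of the example.

```python
import re

# The page's three alternatives in Python syntax. The IPS fingerprint's leading
# ".*" is dropped because finditer() already scans the whole input. The digit
# lookarounds are an addition so a match cannot start or end inside a longer
# run of digits.
CARD_RE = re.compile(r"""(?x)
    (?<![0-9])(?:
        [0-9]{14,16}
      | [0-9]{4}[\-\x20][0-9]{4}[\-\x20][0-9]{4}[\-\x20][0-9]{4}
      | [0-9]{4}[\-\x20][0-9]{6}[\-\x20][0-9]{5}
    )(?![0-9])""")

def luhn_ok(digits):
    """Luhn check over a string of digits (the page names no algorithm)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scan(text):
    """Return (digits, passes_luhn) for every fingerprint match in text."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[^0-9]", "", m.group(0))   # strip "-" and spaces
        hits.append((digits, luhn_ok(digits)))
    return hits

# Constructed samples using public test card numbers, not captured traffic.
REQUEST_LINE = "GET /pay?card=4111111111111111&order=1234567890123456 HTTP/1.1"
SERVER_BODY = "<p>Card: 3782 822463 10005, backup 4111-1111-1111-1111</p>"

if __name__ == "__main__":
    for name, data in (("request line", REQUEST_LINE),
                       ("server stream", SERVER_BODY)):
        for digits, valid in scan(data):
            verdict = "ALERT" if valid else "ignore (checksum fails)"
            # Mask all but the last four digits so the alert is not itself a leak.
            print(f"{name}: {'*' * (len(digits) - 4)}{digits[-4:]} -> {verdict}")
```

The 16-digit order number in the request line matches the fingerprint but fails the checksum, which is the kind of false positive a pattern-only situation would alert on.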
The PCI standard: