Walks like a duck, quacks like a duck - is it a fraud?

April 28, 2017 by Scott Register

Walks like a duck, quacks like a duck, but has a green beak…then it must be a pig?

Wouldn’t it be amazing if there was a magic formula or key that would let us separate the good from the bad – the truth versus a fraud? An equation that told us if someone has green eyes, blonde hair, a blue backpack, and a tube of lip balm, then that person must have a pink toenail. The lack of a pink toenail would therefore mean something was amiss and we should filter the person out.

More often, we find ourselves relying on some sort of subjective profiling – often leading to false positives and eventually a decision to either fail open or fail closed rather than trying to filter.

Fortunately, we are in the business of providing visibility to support intelligent filtering when it comes to things like networks and credit card data, which does in fact have a secret key. That oddly long string of digits that makes up a credit card number – as well as debit/ATM and social security numbers of many nations for that matter – has a method to its madness. For example, on a 16-digit credit card, the first 15 digits tell us who issued the card (e.g. Visa or Mastercard) and the account number. That leaves the last digit – this is the “key.” This final digit is not random; it is added to signal whether the series of digits that comes before it is a valid combination or not.

This technique uses the Luhn algorithm, a simple formula that involves manipulating the digits in a series and adding them together. It allows us to check whether a credit card number has a valid format in less than the blink of an eye.

Ixia recently added this simple but effective calculation to the data masking plus feature of our network packet brokers to reduce false positives. The data masking plus feature has pre-defined formats for standard credit card numbers such as Visa, MasterCard, American Express, Diners Club, etc. so numbers can be masked for Payment Card Industry Data Security Standard (PCI-DSS) compliance and user security. However, without validation, any 15- or 16-digit number that appears to be a credit card number would be masked.

Data masking plus

For an organization that uses 16-digit product barcodes or any other 15 or 16-digit number, this could cause chaos! Adding this next level of validation helps simplify things for our users, offering true intelligence from our products and platforms. Without having to write any regular expressions, our users have the visibility they need, without security risks and false positives.
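The effect of Luhn validation on masking can be seen in a short Python sketch. This is an added example, not Ixia's code: the function names, the contiguous 15- or 16-digit candidate pattern, the `X` masking style and the sample record are all assumptions made for illustration.

```python
import re

# Assumption: a candidate is a contiguous run of exactly 15 or 16 digits.
CANDIDATE = re.compile(r"(?<!\d)\d{15,16}(?!\d)")

def luhn_sum(number: str) -> int:
    """From the right, double every second digit (minus 9 if above 9) and add."""
    total = 0
    for pos, ch in enumerate(reversed(number)):
        d = int(ch)
        if pos % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total

def luhn_valid(number: str) -> bool:
    """True when the whole number, check digit included, sums to a multiple of 10."""
    return number.isascii() and number.isdigit() and luhn_sum(number) % 10 == 0

def luhn_check_digit(payload: str) -> int:
    """The final 'key' digit that makes payload + digit pass the check."""
    return (10 - luhn_sum(payload + "0") % 10) % 10

def mask(text: str, validate: bool = True) -> str:
    """Mask candidates; with validate=True, only those that pass the Luhn check."""
    def repl(match: re.Match) -> str:
        number = match.group(0)
        if validate and not luhn_valid(number):
            return number  # looks like a card number but fails Luhn: leave it
        return "X" * len(number)
    return CANDIDATE.sub(repl, text)

# Constructed sample record: two published test card numbers and a made-up
# 16-digit product barcode that does not satisfy the Luhn check.
SAMPLE = ("order=1001 card=4111111111111111 "
          "barcode=1234567890123456 amex=378282246310005")

if __name__ == "__main__":
    print("format only :", mask(SAMPLE, validate=False))
    print("with Luhn   :", mask(SAMPLE))
```

A Luhn check only removes about nine in ten random look-alikes, since one arbitrary number in ten passes by chance, so it reduces false positives rather than eliminating them.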

It is simple to use and easy to set up too:


