If you’ve ever had to manually key a credit card number into an automated phone system, you’ve probably wondered why the number is so long. Actually, each digit in a credit card number is important for validation, security and identification during credit card processing. Take a moment to learn what each of these digits means.
The Origin of the 16 Digits on Credit Card Numbers
Card numbers have been standardized according to ISO/IEC 7812-1:2006 since 1989. This document is from the International Organization for Standardization, and it is this standardization that allows consumers to use some credit cards anywhere on the planet.
Digits 1 – 6: Issue Identifier Number
- First digit: This identifies the major industry that produced the credit card. For example, a 4, 5, or 6 in the first digit identifies banks and financial institutions
- Digits 2 – 6: Along with the first digit that identifies the industry, the first six digits provide a unique identifier for a particular institution. Some institutions may have more than one unique identifier for different lines of business. For example, you might notice that your debit card begins with a different digit than your credit card from the same bank.
Taken together, the first six digits are called the issue identifier number, or IIN. In the past, these numbers were called the bank identification number, or BIN. Since not all issuers are banks, this name changed, but you might still see references to a BIN or bank identification number in some references. In any case, credit card issues register their unique IIN numbers with the American National Standards Institute.
Digits 7 – 15: Unique Personal Identifier
These numbers uniquely identify the person holding the account. The card issuer allocates them, and they are unique for the issuer that generates them. You could have a different identifier for different cards from the same issuer.
Digit 16: Check Digit
The last digit is called a check digit, and it is used to verify card 
numbers for accuracy. Because it is calculated according to a public domain formula called the Luhn algorithm, it is not intended to protect against malicious attacks against merchant services of POS systems. In fact, the patent for the Luhn algorithm dates back to 1960, and examples of computer code to calculate the final digit are freely available online.
Rather, this last digit is only intended to verify that a credit card number was not accidentally typed in wrong when making phone or online payments, and that is how it is used in credit card processing today.
