Credit Card BIN Files

on Mar2

Written by

James Davis

Senior Technical Writer at United Thinkers

Author of the Paylosophy blog, a veteran writer, and a stock analyst with extensive knowledge and experience in the financial services industry that allows me to cover the latest payment industry news, developments, and insights. Read more

Reviewed by

Kathrine Pensatori

Reviewed by Kathrine Pensatori

Product Specialist at United Thinkers

Product specialist with more than 10 years of experience in the Payment Processing Industry. I help payment facilitators and PSPs solve their various payment processing issues. Read more

Most modern-time credit card fraud protection tools are based on geo-location principles, IP-address filtering, and cardholder data verification. In addition to these methods a merchant can enhance the security of its business, and improve card processing strategy by adding another filtering mechanism. The filtering can be based on various attributes of a card, identifiable through credit card BIN files.

The first 6 digits of a bank card number allow a merchant (and any business which processes bank card transactions) to learn additional information about the card by using pre-defined Bin ranges, that can be obtained from the acquirers. Based on the range the card number falls into, a merchant can understand additional information about the card.

BIN file

Information which can be obtained from BIN file includes the following elements:

The maximal length of PAN (primary account number)
Name of the issuing bank and the country of origin of the issuing bank (country of issue)
Card type (credit, debit, prepaid, charge etc.) and PIN capability (such as credit with no PIN, debit with PIN only, hybrid card etc.)
The list of debit networks (for debit cards) that can be used to process the card outside Visa and MasterCard networks.
Information on whether the issuer is Durbin-regulated or not. In case of a PIN-less debit the BIN range allows you to determine if the issuing bank is regulated by Durbin amendment or not. It might be cheaper to partner with regulated debit networks (especially if you are processing million-dollar worth of transactions).
Information on card’s usage for healthcare transactions (FSA/HSA)
Ways to identify pre-paid and gift cards
Card class (purchase card, business card, consumer card, personal card, corporate card)

If you are a merchant, dealing with payment cards, the information, learned from card BIN is a useful component of your fraud protection strategy. Beside fraud protection, you can also use this information for interchange optimization, and to lower your processing costs.

Examples

The most typical example would be a US-based online retailer that only wants to accept US-issued cards.
Another example could be a pharmacy that wants to force HAS cards on certain types of purchases.

Conclusion

If you are a merchant, you should ensure that your payment system includes the logic for verification and, if necessary, filtering of payment cards, based on their BIN ranges. This will protect you from consumer fraud and unreasonably high processing fees.