Initially there was no validation for credit cards. There were programs called credit card generators that could generate a card from any bank in the world, with any name on card, etc.

If you wanted you could generate a card for McLovin from some bank in Hawaii and it would work.

I never used them but a close friend back in middle school did and got his computer taken away permanently.

This was a checksum that machines could run locally, to make sure the account # was "valid". Then, in batch, systems would connect to the bank for the account interaction.

Some services (AOL, when it charged by the minute) wouldnt do the actual bank reconciliation for a few days, during which you could use the service.

You used to be able to Google for transaction information from a particular e commerce shopping cart and get .txts of credit card info, name, address. The wild west was wild.

You could get the whole carbon from a counter at a department store if the cashier wasn't around.

I worked at Sears selling TVs while in college from 2002-04, and even in their latest POS systems anyone could walk up to the thermal printer, press a button (even with the register itself locked) and print out a reverse-chronological “journal roll,” which included names, addresses, phone numbers and full credit card numbers and expiration dates for every transaction. Crazy that anyone thought that was OK in the early 2000s.

Before carbonless, the carbon slips between the layers. There were up to 4 additional copies make on some of those kinds of forms and you'd have to press very hard with a ballpoint pen in order to get it to register at the bottom. Then, the credit card imprinter had to press the card to get through them.

Since most cards don't have raised numbers anymore, manual credit card imprinting is no longer possible.