Data integrity — validation and verification
Keeping data accurate
- Integrity means data is accurate and complete.
- Two techniques guard it: validation (before storing) and verification (when entering or transferring).
- They answer different questions — you need both.
Validation — does the data make sense?
- Validation checks data against sensible rules, automatically:
- range check (a month is 1–12), length check (right number of characters),
- type/character check (digits only), format check (an email contains
@), - presence check (required fields not empty), and a check digit (an extra digit computed from the rest, as on ISBNs and card numbers, that spots transcription errors).
Checking that a month entered is between 1 and 12 is a:
A range check confirms a value lies within sensible limits.
Match each validation check to its purpose.
Presence = not empty; format = matches a pattern; check digit = computed to catch mistyped digits.
What validation can't do
- Validation catches data that is wrongly formatted.
- It cannot catch data that is the right format but factually wrong — typing "Bob" instead of "Bib" passes every check.
- For that, you need verification (and human care).
Why can validation still let bad data through?
Validation checks the form, not the truth — a correctly formatted but wrong value passes.
Verification — was it copied correctly?
- Verification checks the data wasn't changed in moving from one place to another.
- On entry: double entry (type it twice and compare, like a new password) or a visual check.
- On transfer (bits can flip): a parity check (an extra bit makes the number of 1s even/odd — catches single-bit errors), a checksum (a summary value recomputed and compared), or a stronger CRC.
A parity check works by:
The parity bit makes the count of 1s even or odd; the receiver re-counts to detect a single-bit error.
Asking a user to type a new password twice is an example of:
Double entry compares two typed copies to verify the data was entered correctly.
Validation vs verification
- Validation asks: "is this data sensible?"
- Verification asks: "was this data copied/entered correctly?"
- Verification proves what arrived matches what was sent — not that it is correct, and not against deliberate tampering.
Which statement is correct?
Validation tests sensibility against rules; verification tests that the data was entered/transferred without change.
You've got it
- validation = automatic sensible-rule checks (range, length, type, format, presence, check digit)
- validation can't catch the right-format-but-wrong value
- verification = was it copied correctly: double entry (input), parity/checksum/CRC (transfer)
- validation = "sensible?"; verification = "copied correctly?" — use both