PIN Manager is primarily a solution for electronic capture and distribution of PINs through digital channels – web and mobile banking, SMS and IVR – those that are now predominantly used by banks and card issuers to communicate with customers. PIN Manager also provides PIN generation, secure PIN storage and PIN verification.
ePIN capture supports both customer self-select during the card ordering process and PIN change (including EMV® Offline PIN) after issuance. ePIN distribution can support initial notification of a randomly-chosen PIN for a new card, or PIN reminders in case of forgotten PIN.
PIN Manager (PM) integrates with existing infrastructure through web services APIs and can also support messaging and XML file-based interfaces – for bulk PIN import, for example. Depending on the implementation options selected, PM will interface with card management systems, web and mobile banking servers, SMS gateways, IVR servers, authorization systems and core banking systems. PM delivers PIN Verification Values (PPVs) and/or PIN Offsets to existing authorization systems or networks, and PM can also integrate with our card issuance solution or other data preparation systems to inject PINs into the card personalization process.
PM exposes an API that enables mobile banking app and website designers to implement the security protocols developed by our cryptography experts. These ensure that PIN data is always encrypted in transmission, is never associated with card or personal data and is protected within the insecure browser domain. With our API, designers can develop PIN capture and display features in web and mobile apps that maintain the issuer’s user experience (UX) but use our technologies to guarantee security.
An alternative to the API is provided by a JavaScript widget that can be used in a browser-based web channel to invoke an on-screen Virtual PIN Pad™ that in addition to utilizing the Aconite security protocol, implements extra security features to prevent key logging and screen-scraping attacks.
The PIN Manager capture and display processes meet the highest security standards demanded by PCI, card payment schemes and national standards organizations, such as UK Cards.
.png)
PM can deliver PINs to mobile phones via SMS messages, and in conjunction with web banking, IVR or call center, supports out-of-band verification (using one-time-passcodes) as required by payment card schemes.
IVR systems can implement the API as described above to provide PIN capture and notification functions.
PM can be implemented as the system of record for PINs. Storing PIN data in the PM’s PIN Vault rather than in a Card Management System, for example, helps those existing systems to achieve PCI compliance while ensuring that strong encryption and aliasing techniques are used to protect stored PINs.
Where self-select PIN is not provided on initial card issuance, the PM supports the generation of PINs both individually on demand or in bulk batches. The PM will then allow the subsequent change of PIN through ePIN capture.
PINs in the PIN Vault can be used for verification purposes during transaction processing or for cardholder identification. An API call for verification is provided.
EMV® is a registered trademark in the U.S. and other countries and an unregistered trade mark elsewhere. The EMV trademark is owned by EMVCo, LLC.
.png)
Contact us for more in-depth information on PIN Manager or our other payments solutions.
Lack of overview or trouble understanding EMV key management? EMV as seen from a crypto angle for all involved parties in acquiring and issuing.
Here we explain how to ensure key management compliance while managing costs for best practices and compliance audits.
At the leading edge of security provision within its key markets, Cryptomathic closely supports its global customer base with many multinationals as longstanding clients.
