PIN MANAGEMENT SYSTEM

Securely managing PINs is critical to establishing consumer trust in their bank.

Financial institutions that can offer secure, remote PIN reminders or PIN resets, typically via mobile devices, give themselves a competitive advantage, as they can provide a great customer experience that enables speedy, authorized access to accounts once again.

We recognize the importance of digital PIN management, crafting solutions that enable:

• New PINs: Randomly issued PINs for new cards
• Personalization: Self-selection of a preferred PIN during the customer onboarding process
• Choice: PIN changes after the card is issued (whether managed online or offline)
• Reminders: PIN reminders delivered
  securely via phone, app, web or text message (such as through one-time-passcodes)
• Secure storage and verification of PINs

PIN Manager can be implemented as the system of record for PINs. 

Storing PIN data in the PIN Manager PIN Vault, rather than in a Card Management System, helps existing systems to achieve PCI compliance, while ensuring that strong encryption and aliasing techniques are used to protect stored PINs. 

If customers cannot self-select a PIN when the card is issued, PIN Manager helps by supporting the generation of PINs individually on demand, or in bulk batches. It also allows subsequent changes of PINs. 

Easy integrations and verification

PIN Manager integrates with existing infrastructure through web services APIs and can also support messaging and XML file-based interfaces, such as for bulk PIN import. 

Depending on the implementation options selected, PIN Manager will interface with:

• Card management systems
• Web and mobile banking servers
• SMS gateways
• IVR servers
• Authorization systems
• Core banking systems 

Our technology experts have also created a simple API that can be used verification purposes during transaction processing or for cardholder identification, making it easier for FIs to manage.

PIN Manager delivers PIN Verification Values (PVVs) and/or PIN Offsets to existing authorization systems or networks, and PM can also integrate with our card issuance solution or other data preparation systems to inject PINs into the card personalization process.

PIN Manager offers connectivity to an API that enables mobile banking app and website designers to implement the security protocols developed by our cryptography master craftsmen. 

These ensure that PIN data is:

• Always encrypted in transmission
• Never associated with card or personal data
• Protected even within insecure browser domains. 

With our API, designers can develop PIN capture and display features in web and mobile apps that maintain the issuer’s UX, while using our technologies to deliver high security.

If easy API integrations aren’t for you, we also offer a JavaScript widget that can be used in a browser-based web channel to invoke an on-screen Virtual PIN Pad™. In addition to using the Aconite security protocol, this widget implements extra security features to prevent key logging and screen-scraping attacks.

All our PIN Manager capture and display processes meet the highest security standards demanded by the Payment Card Industry Security Standards Council (PCI SSC), card payment schemes and national standards organizations.