PIN MANAGEMENT SYSTEM

OBSIDIAN PIN 

ObsidianPIN enables secure PIN selection and allows cardholders easy reminders or changes after issuance. 

There are nearly 13 billion chip cards deployed today, and the majority use PINs (Personal Identification Numbers) to authenticate in-person transactions or to access accounts at ATM machines.

But consumers forget PINs all the time, and get frustrated if they’re subsequently locked out of accounts until the issue is resolved. 

 

GET IN TOUCH →

 

 

Obsidian: putting security at the heart of global payments

Obsidian sits at the heart of global payment infrastructure, whether on-premise or in the cloud, providing the complete package of issuer payment services.

Created by our technology masters to deliver sovereignty and flexibility in card issuance, Obsidian is accessed via one easy-to-use platform. It lets you pick and choose the modules you need, from card issuance or PIN management, through to transaction processing, key management and PCI compliance.

Whatever your role in card issuance, Obsidian has you covered.

IMG_PDF (4)

Securely managing PINs is critical to establishing consumer trust in their bank.

Financial institutions that can offer secure, remote PIN reminders or PIN resets, typically via mobile devices, give themselves a competitive advantage, as they can provide a great customer experience that enables speedy, authorized access to accounts once again.

We recognize the importance of digital PIN management, crafting solutions that enable:

  • New PINs: Randomly issued PINs for new cards
  • Personalization: Self-selection of a preferred PIN during the customer onboarding process
  • Choice: PIN changes after the card is issued (whether managed online or offline)
  • Reminders: PIN reminders delivered securely via phone, app, web or text message (such as through one-time-passcodes)
  • Secure storage and verification of PINs

ObsidianPIN can be implemented as the system of record for PINs.

Storing PIN data in the ObsidianPIN Vault, rather than in a Card Management System, helps existing systems to achieve PCI compliance, while ensuring that strong encryption and aliasing techniques are used to protect stored PINs.

If customers cannot self-select a PIN when the card is issued, ObsidianPIN helps by supporting the generation of PINs individually on demand, or in bulk batches. It also allows subsequent changes of PINs.

Easy integrations and verification

ObsidianPIN integrates with existing infrastructure through web services APIs and can also support messaging and XML file-based interfaces, such as for bulk PIN import.

Depending on the implementation options selected, ObsidianPIN will interface with:

  • Card management systems
  • Web and mobile banking servers
  • SMS gateways
  • IVR servers
  • Authorization systems
  • Core banking systems

Our technology masters have also created a simple API that can be used for verification purposes during transaction processing or for cardholder identification.

ObsidianPIN delivers PIN Verification Values (PVVs) and/or PIN Offsets to existing authorization systems or networks, and can also interact with our ObsidianIssuance module or other data preparation systems to inject PINs into the card personalization process.

ObsidianPIN offers connectivity to an API that enables mobile banking app and website designers to implement the security protocols developed by our cryptography master craftsmen.

These ensure that PIN data is:

  • Always encrypted in transmission
  • Never associated with card or personal data
  • Protected even within insecure browser domains.

With our API, designers can develop PIN capture and display features in web and mobile apps that maintain the issuer’s UX, while using our technologies to deliver high security.

If easy API integrations aren’t for you, we also offer a JavaScript widget that can be used in a browser-based web channel to invoke an on-screen Virtual PIN Pad™. In addition to using our end-to-end security protocol, this widget implements extra security features to prevent key logging and screen-scraping attacks.

All of our ObsidianPIN capture and display processes meet the highest security standards demanded by the Payment Card Industry Security Standards Council (PCI SSC) and card payment schemes.

 

 

EMV® is a registered trademark in the U.S. and other countries and an unregistered trade mark elsewhere. The EMV trademark is owned by EMVCo, LLC.

Want to know more? 
 
 TALK TO SALES
Want to know more?   TALK TO SALES