Documentation

Personalised Identification Number (PIN) Management

Keeping Your Customers Secure with PIN Verification

To protect your customers from fraud, they'll need to verify their identity when making purchases using a PIN — a four or six-digit code encrypted on the card's Chip.

How PIN verification works:

Offline PIN

  • The Point of Sale terminal verifies the PIN directly against the Chip (common in Europe) using EMV encryption
  • CLOWD9 will receive the authorization where the PIN has been entered correctly; otherwise the terminal will return an Incorrect PIN entered message
  • The Offline PIN can be entered incorrectly a maximum of three times before becoming blocked, preventing Chip and PIN verified transactions and Contactless transactions
  • The PIN must then be Unblocked

Online PIN

  • CLOWD9 verifies the PIN in real time, also using EMV encryption
  • Where the PIN is incorrect, CLOWD9 will return a decline response to the Network as Incorrect PIN
  • Three incorrect attempts will block the PIN, just like with the Offline PIN
  • All purchase types will not be permitted, including Internet, mail order transactions until the PIN is Unblocked

Setting the PIN

The PIN is normally a four or six digit value based on your Product configuration which is either generated by CLOWD9 or provided by you when using the following APIs:

  • Onboard Card
  • Create Card
  • Virtual to Physical Issuance
  • Replace Card

Customers can change their PIN later at an ATM (using PIN Services) or through the Set Secure PIN API if you offer this solution.

Retrieval of the PIN

Using the CLOWD9 Secure Frame Work, together with the Get Secure Card Details, you can display the PIN to to your Customer. This avoids the Customer forgetting the PIN and subsequently entering this incorrectly

PIN Unblock

Your Customer can unblock the Offline PIN using the ATM PIN Services and selecting Unblock.

If your Customer has blocked their Online PIN, most commonly caused by entering the PIN incorrectly at the ATM, this will need to be unblocked either by Vista or using the Set Secure PIN API, which can be exposed to your Customer in the App / Web portal.

The Vista and API PIN Unblock will reset the Online PIN on the CLOWD9 platform and generate scripts ready to be transmitted to the Customer's card to reset the Offline PIN; however this will require an Online PIN verified transaction. Therefore the recommendation is for your Customer to insert the card at the ATM and perform either the PIN Unblock or any of the other services supported.

If your Customer attempts to use the card at a POS terminal which does not support the Online PIN verification, then the Chip and PIN will remain blocked.

PIN Change

The PIN can be changed at any point in time by the Customer selecting a new PIN at the ATM.

Where your Customer does not know or remember the PIN, a new PIN will be required. Using the Set Secure PIN API you can either have CLOWD9 generate a new one or provide a set value.

CLOWD9 will update the new value on our platform securely and generate the required scripts. At this stage, the PIN on the Chip and the new value will not match and will require synchronisation. This will require the Customer to use an Online PIN terminal. As with the PIN Unblock process, the recommendation is for your Customer to insert the card at the ATM and perform either the PIN Unblock or any of the other services supported.

Until the Chip has been updated, the old PIN will be valid and the new PIN will not be accepted



Updated 1 day ago