Offline PIN is a method of card verification valid for EMV chip cards in EU/UK. The PIN is encrypted and stored in the card’s EMV chip. This facilitates the user to do a transaction at a terminal with offline PIN validation capabilities.
The key difference between an Offline and Online PIN is the method of validation. When a cardholder uses the EMV chip card at a terminal with offline capabilities, the PIN entered is validated against the securely stored PIN in the EMV chip card. This is different from online PIN where the validation is performed by the card issuer over the network.
Please note that in case of offline PIN verification, the transmission of the PIN from the terminal to the card may be enciphered or in plain text, depending upon the terminal. If the entered PIN matches the stored offline PIN, the verification is successful. Otherwise, the verification fails.
As part of this flow in EU/UK, customers shall receive the physical cards with a preset PIN. This means the PIN is already present for first-time (or subsequent) usage. NIUM shall provide a Fetch PIN API to the client for implementation and the customer should be able to view existing PIN from the client’s mobile app or website. The PIN block is encrypted for additional security and needs to be decoded before displaying to the end-customer in the client’s application or website.
In case the customer intends to change the 4-digit PIN, he or she can change the PIN at an ATM or terminal with appropriate capabilities. When a customer updates the same at an ATM or POS terminal, the same information is updated in the EMV chip card as well.
Updated 3 days ago