Issuer PIN Security Guidelines - Visa
• Any cryptographic keys used to generate or protect reference numbers should be managed in accordance with the key management section.
• The process should not involve issuer personnel handling plaintext PIN values that can be linked to an identifiable cardholder or their account.
• Receipt of the PIN advice form should be by authorized issuer personnel.
• Residues of PIN mailers should be destroyed as part of operational procedure.

Cardholder PIN Selection by Internet

PIN selection by internet requires the cardholder to communicate credentials to the issuer's PIN notification system via an intermediate internet-based PIN advice function.

• PIN selection by internet should protect the PIN, until it arrives at the cardholder's computer, with cryptographic protection commensurate with that applied when PINs are transmitted during transaction processing.
• PIN selection by internet should be accomplished by instructing the cardholder to enter pre-established credentials: for example a control number, a chosen PIN and authentication values.
• The control number and authentication values should not disclose the account number.
• Any cryptographic key used to generate a control number should not be used for any other purpose and should be managed in accordance with ISO 11568.
• The control number should be generated and conveyed to the cardholder in such a way, e.g. by using a PIN mailer, that no one other than the cardholder can associate the control number with that cardholder without detection.
• The system should have no way of associating a control number or the authentication values with the associated cardholder's name, telephone number, address or account number.
• The PIN selection function should exchange only strings of numbers (a control number and authentication values) with the issuer PIN notification system.
• The PIN selection system should re-associate the control number with a specific account number, validate the cardholder (or the transaction, if there is no mechanism for pre-registration of the cardholder, as with an anonymous gift card) using the authentication values, and retrieve the cardholder PIN for that account number.
• The control number/PIN/authentication values string should not be logged and should be deleted immediately after use.
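The separation the guidelines describe above, as an added example that is not part of the Visa document: an issuer-side PIN selection system that alone can re-associate a control number with an account, and an internet-facing advice function that relays only digit strings. The class and function names, the 12-digit control number format and the HMAC-based verification value are assumptions made for the illustration.

```python
import hmac
import hashlib
import secrets

DIGITS = set("0123456789")

class IssuerPinSelectionSystem:
    """Hypothetical issuer-side PIN selection system. It alone holds the link
    between a control number and an account; the internet-facing advice
    function only relays strings of digits and never sees the account number."""
    def __init__(self, control_key: bytes, pvk: bytes):
        self._control_key = control_key  # dedicated key, used only for control numbers
        self._pvk = pvk                  # separate key for the stored PIN verification value
        self._pending = {}               # control number -> (account, auth values)
        self.pin_records = {}            # account -> verification value, never the plaintext PIN
        self.events = []                 # audit events only; no PIN, control or auth values

    def issue_control_number(self, account: str, auth_values: str) -> str:
        """12-digit control number: keyed MAC over a fresh random nonce, so it
        carries no account information and cannot be linked back without the key."""
        mac = hmac.new(self._control_key, secrets.token_bytes(16), hashlib.sha256).digest()
        control = f"{int.from_bytes(mac[:8], 'big') % 10**12:012d}"
        self._pending[control] = (account, auth_values)
        self.events.append("control_issued")  # value itself goes out of band (PIN mailer)
        return control

    def select_pin(self, control: str, auth_values: str, chosen_pin: str) -> bool:
        # The control number is single-use: remove it whatever the outcome.
        entry = self._pending.pop(control, None)
        if entry is None:
            self.events.append("selection_rejected")
            return False
        account, expected_auth = entry  # re-associate control number with the account
        if not hmac.compare_digest(auth_values, expected_auth):  # validate the cardholder
            self.events.append("selection_rejected")
            return False
        # Store only a verification value derived under the PVK, not the chosen PIN.
        pvv = hmac.new(self._pvk, (account + chosen_pin).encode(), hashlib.sha256).hexdigest()
        self.pin_records[account] = pvv
        self.events.append("selection_accepted")  # the submitted strings are never logged
        return True

def advice_function_forward(issuer, control: str, auth_values: str, chosen_pin: str) -> bool:
    """Intermediate internet PIN advice function: exchanges only strings of
    digits with the issuer system and holds no cardholder identity data."""
    for value in (control, auth_values, chosen_pin):
        if not value or set(value) - DIGITS:
            return False
    return issuer.select_pin(control, auth_values, chosen_pin)
```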
22 Issuer PIN Security Guidelines
Visa Public © 2010 Visa. All Rights Reserved.