PIN management implementation may vary whether you are Full PCI compliant. In any case, be aware that:
The new PIN
- Can't be an ascending sequence. E.g. 1234
- Can't be a descending sequence. E.g. 4321
- Can't be a number repetition. E.g. 1111
If the merchant complies with the Payment Card Industry Data Security Standard (PCI DSS), Sensitive Card Data, such as the PIN, can be send encrypted inside the JSON Request Body using JWE.
Check Encryption flow here.
Our solution accomplishes this by rendering an iframe to handle input or update of the card PIN field on your web page while ensuring that you are compliant with PCI requirements.
Updated 13 days ago