PIN-Set Procedures

A personal identification number is an anti-fraud measure that helps authenticate the cardholder at physical points of sale and ATMs. At the time customers activate their cards they also set a PIN. Customers may also want to set a new PIN at a later time.



When you reissue or replace a card with a new PAN, you must also set a new PIN. Reissued cards with the same PAN but new expiry do not need a new PIN.

You can set a PIN for a physical card or for a virtual card that is provisioned to a mobile wallet, in the event that the wallet is presented at a physical NFC device that accepts PINs. For virtual-only cards that are not in mobile wallets you do not set a PIN.

At account creation, you can set a default PIN by setting the product parameter CASPO to one of these options:

  • Last 4 digits of home phone
  • Last 4 digits of mobile phone
  • Last 4 digits of PRN
  • Four zeros: 0000 (default)

For other use cases you have these options for setting a PIN for a card, either as part of the card-activation procedure or to reset a PIN.

  • Galileo IVR (automated phone system) — The cardholder calls a number that is on a sticker on the new card and inputs the card and PIN information using the phone keypad. You do not need to be PCI compliant to use this method. Contact Galileo for implementation instructions.
  • Direct render — The cardholder goes to your web page or mobile app and enters the new PIN through a form that Galileo hosts. You do not need to be PCI compliant to use this method. See Direct Render PIN-Set Procedure.
  • Direct POST — The cardholder goes to a web page or mobile app and enters the new PIN through a web page that you host. You must complete PCI-DSS Self-Assessment Questionnaire A-EP (191 of 250 PCI requirements) to use this procedure. See Direct POST PIN-Set Procedure.

Offline PINs

Some implementations of EMV chips permit card readers to validate PINs without contacting the issuer. With offline PIN validation, the chip contains a PIN block (encrypted PIN) that the card reader compares to the PIN provided on the keypad. The card reader includes the result in the authorization request message.

When a cardholder changes the PIN for an offline-PIN-enabled card, the PIN in the chip must be updated the next time the cardholder inserts the card into a reader. By default, the update process rejects the first three PIN-verification attempts, because the new PIN that the cardholder enters and the embedded PIN are not the same. After the three failed attempts, the card reader then goes online to retrieve the new PIN from the issuer, and then it writes the new PIN on the chip.

To avoid a negative cardholder experience with multiple failed PIN attempts, you can set the FTPDY and FTPAM parameters so that the PIN block is updated on the chip after the first failed PIN attempt following a PIN change.