Set PIN
A PIN (Personal Identification Number) is a numeric or alphanumeric string that is used to authenticate a person to a system. In the context of card payments, it adds an extra layer of security to ensure that the legitimate cardholder is ordering an operation.
In the Apto ecosystem there are several ways to establish the PIN of a card:
- Using the Core API
- Using the Mobile API
- Using the PCI SDK
This table summarizes the use cases for each case. In summary, if your company is not PCI compliant, you must use the PCI SDK since the PIN is considered sensitive data and cannot be processed by third parties.
| PCI compliant | Non PCI Compliant | |
|---|---|---|
| Green Program | Mobile API or PCI SDK | PCI SDK |
| Blue or Orange | Core API, Mobile API or PCI SDK | PCI SDK |
Set PIN using the Core API
Follow the API instructions
- Your company needs to be on the Blue or Orange Programs level to use this endpoint.
- Your company needs to be PCI compliant in order to process PCI protected data like PIN codes.
Set PIN using the Mobile API
Follow the API instructions
- Your company needs to be PCI compliant in order to process PCI protected data like PIN codes.
Set PIN using the PCI SDK
This is the recommended method for most cases.
Both from a web client and a mobile client, our SDKs offer a functionality to modify the PIN from a secure sandbox environment that only the cardholder has access to. In addition, it will be necessary for the cardholder to enter a one time password (OTP) to verify their identity before confirming the operation. In the Green Program, this OTP consists of an SMS sent to the cardholder's phone.
Set PIN using the Interactive Voice Response (IVR)
The Interactive Voice Response service enables the cardholder to modify the card PIN by calling the phone number +1 (855) 459-03172.