CCA Release 2.54
PIN-Verb Summary
The following terms are used for the various “PIN” values:
A-PIN The quantity derived from a function of the account number, and
PIN-generating key, and other inputs such as a decimalization table.
C-PIN The quantity that a customer should use to identify himself. In general,
this can be a customer-selected or institution-assigned quantity.
O-PIN A quantity, sometimes called an offset, that relates the A-PIN to the
C-PIN as permitted by certain calculation methods.
T-PIN The trial PIN presented for verification.
The Clear_PIN_Generate verb (CSNBPGN) uses a PIN-generating key and an
account number to create an A-PIN according to the calculation method selected
through a rule-array keyword. See “PIN-Calculation Methods” on page E-2.
Certain calculation methods also accept a C-PIN value and return an O-PIN
calculated from the Coprocessor-generated A-PIN value.
The Encrypted_PIN_Generate verb (CSNBEPG) uses a PIN-generating key and an
account number to create an A-PIN according to the calculation method selected
through a rule-array keyword. The verb formats the A-PIN value into a PIN block
as specified in the input control information. The PIN block is returned encrypted
by the supplied OPINENC-type key.
The Clear_PIN_Encrypt verb (CSNBCPE) accepts a PIN value and formats the
input into a PIN block. The result is encrypted and returned. This verb can also
randomly generate PIN values and return these as encrypted PIN blocks. This
function is useful when an institution wishes to distribute (initial) PIN values to its
customers.
The Clear_PIN_Generate_Alternate verb (CSNBCPA) accepts an encrypted PIN
block that would normally contain a customer-selected C-PIN value. The verb
calculates the A-PIN from the account number and PIN-generating key and then
derives the O-PIN as a function of the A-PIN and the C-PIN. The O-PIN is
returned in the clear.
The Encrypted_PIN_Verify verb (CSNBPVR) accepts an account number and
PIN-verifying or PIN-generating key to internally produce an A-PIN. For certain
methods, the verb also accepts an O-PIN so that it can produce the correct value
that a customer should enter to access his account. The final input, an encrypted
T-PIN block, is decrypted, the customer-entered trial PIN is extracted from the block
and compared to the calculated value; equality or inequality is indicated by the
return code (and reason code) values. Return code 0 indicates the PIN is validated
while code 4 indicates that the trial PIN failed validation.
The Encrypted_PIN_Translate verb (CSNBPTR) is used to change the key used
later to decrypt or compare the PIN block. The verb can also extract the PIN from
one PIN-block format and insert the PIN into another PIN-block format before
reencryption. This service is useful when transferring PIN blocks from one domain
to another.
Chapter 8. Financial Services Support Verbs 8-5