Digital PIN – The Next Step in Digital First Banking

Last updated: 10 November 2022

In the past decade, the banking sector has undergone a massive transformation – putting speed, security, environmental considerations and user experience at its core. This blog post will be looking at how Digital PIN – a modern way to set, deliver or recover an EMV Card PIN code – is part of the modern card program strategy   

The PIN Code as a Card Verification Method for EMV Payment Cards 

The 4 digit PIN Code is a technology that has come to be part of everyday life and was introduced as a Card Verification Method (CVM) in the EMV standard to perform user authentication.  

PIN code verification can be performed online or offline.  The EMV standards allows two additional forms of CVM:  signature and “nothing” for low-amount contactless payments. 

What is a Digital PIN vs Current EMV card PIN code as we know it? 

Currently, when a customer registers for a new EMV card, it will typically be shipped to them in the post. This will be followed by another letter containing the 4-digit pin number that’s been assigned to them.  

Digital PIN refers to a new “digital delivery and management” mechanism: instead of a PIN code being sent in the post, it is delivered via an app (or secure SMS) enabling customers to use their card with seconds of it arriving.  

This virtual PIN delivery looks set to replace paper mailing delivery.  Users can create their preferred 4 digit PIN code right from the app.  Later on they can recover their PIN code when lost, or change the current code for a new one. All these happen instantaneously and give the user more ‘real-time’ control than ever. But that’s not the only way users are gaining more control over their banking. 

Modern card issuance  

A new approach to the payment card lifecycle is becoming more common. It puts the user in control to order, manage and use banking cards, right from the bank’s mobile app 

The PIN code delivery method using a paper mailer was appropriate in a physical first, digital later era when getting a new card took a few days. Switching to a digital PIN delivery solution meets three crucial new trends: 

  • First, digital delivery is instantaneous and therefore more in-line with consumer expectations.  Cards can be activated and used right away, leading to higher transaction rates.  The customer controls both card issuance and PIN management 24/7 from their app. 
  • Second, digital delivery for the PIN code is more environmentally-friendly as it cuts the need for paper mailers.  Given the billions of EMV payment cards delivered worldwide every year, this is a significant environmental win as you can see in this Infographic. 
  • Third, as we move to the people are using more digital cards. The rise of digital wallets and online payments is changing the proportion of physical/digital cards that each individual cardholders uses every day and consequently the need for a digital PIN delivery.    

Mobile banking

This is part of the new, global card experience.  Fintechs have led the way and demonstrated the look and feel of modern mobile banking apps; now the entire market is following suit. Digital PIN delivery is no longer “nice to have”, but critical to the modern card user experience. 

As we are now heading into a digital first, physical later approach to payment credentials, Thales helps financial services players implement modern card programmes with the Thales D1 issuing platform.  This brings simple, UX level APIs that orchestrate the entire issuing stack. It manages both the mobile front end to implement features such as Digital PIN but also orchestrate all the core banking infrastructure to build the three following use cases:   

  1. Set a preferred PIN code 
  1. Securely display the PIN code in the app in accordance to PCI DSS regulations  
  1. Allow fast PIN code recovery in-app  

The bank mobile app is going through a revolution and Digital PIN is a visible part of it.   

Want to know more?

Read our latest articles here:

Leave a Reply

Your email address will not be published.