Revolutionizing PIN Issuance:
How New Web-Based Technology Expedites and
Secures the PIN Issuance Process
solution Brief
Introduction
Historically, recognition-based identification worked best in small, closely-knit communities.
Once people started traveling, once migrant populations grew in numbers, once cities grew
in size, visual recognition did not suffice. Over time, methods of personal identification have
evolved from simple name and face recognition to today’s electronic-based techniques. Much
of the impetus for this evolution has been the advancement of computer-based financial
transactions. It was more than 40 years ago that the first Automated Teller Machine (ATM) was
invented, as a means of simplifying access to one’s funds anywhere, not only at one’s bank
branch. The Personal Identification Number (PIN) came into existence at the same time as
a means of authenticating the person executing the transaction. Today, the PIN is still most
commonly used with ATM and credit cards.
Using basic two-factor authentication, the person inserts or swipes the encoded
card (something you have), and then enters the PIN (something you know). Two-factor
authentication provides the basis for non-repudiation of financial transactions, which is an
essential characteristic of card-based commerce.
Security is at the core of all PIN-based transactions. In fact, PIN could stand for Protection
Is Necessary, as it is imperative for cardholders to keep personal identification numbers
confidential and complex in order to maximize the security of their financial accounts. Having
someone’s PIN goes a long way towards gaining access to that person’s financial resources.
This is why card issuers tell their customers:
• Do not disclose your PIN to anyone.
• Do not write down your PIN or carry it in written form anywhere.
While cardholders must be cognizant of keeping their PIN secret, the matter of PIN privacy
originates with the card issuer. The ability to securely deliver PINs to cardholders must be a
priority of every card issuer and financial service provider. Sending PINs through traditional
mail is costly, time consuming, and, more importantly, highly insecure. Instead, why not look to
the same technology used to provide customers with access to their financial accounts—the
Internet. In the proper environment, PINs could be securely issued and managed over the Web,
providing a wide range of benefits to both the cardholder and the card issuer.
Traditional PIN Issuance Methods and Limitations
Traditionally, cardholders request a card by mail, Internet, or at their local branch office. In
a few weeks, the card arrives, followed by a separate PIN mailer with the assigned personal
identification number. Although a standard method of issuance, these tamper-evident,
laser-printed PIN mailers are known to be vulnerable to attacks that reveal the PIN without
tampering; for instance, angled-light attacks, where the reflective properties of the toner and
stationery are exploited to allow the naked eye to separate the PIN from the backing pattern.
In fact, all laser-printed mailers examined so far have been shown to be insecure.
Revolutionizing PIN Issuance: How New Web-Based Technology Expedites and 
Secures the PIN Issuance Process Solution Brief
1
Some card issuers prefer to issue cards and PINs in the local bank branch, where the
cardholder will be asked to select a PIN either through a dedicated terminal or at an ATM.
Problems occur here when fraudsters place overlays on ATM PIN pads to register cardholder
key strokes, or they switch out dedicated terminals with dummy terminals to gather the
sensitive PIN and cardholder data, often unbeknownst to the ATM or terminal owners. Others
perform PIN issuance through an Interactive Voice Response system that allows a computer to
detect voice and touch tones through a phone call.
Unfortunately, these systems cannot be secured in an effective manner. Chip-based cards
have the PIN stored in a secure zone on the chip itself; however, at some point, the chip
needs to be updated with the new PIN. In addition, some issuers use a PIN offset that is
encoded on the magnetic stripe, which must be re-encoded each time the PIN changes.
ATMs can accommodate PIN changes easily, while other technologies require the use of a
PIN change script to update the PIN in the chip. Chip cards provide for the ability to either
unblock or change a PIN without having to visit a branch. This process uses scripting
commands that are described in the EMV standards. Statistics available from the U.K.’s
implementation of Chip and PIN initiatives indicate that two percent of cards issued need to
be unblocked on a yearly basis. This is costly and time-consuming, and could have a negative
impact on customer service.
A Study in PIN Management
With 3.2 million customers, Egg Banking, plc, a Citigroup company, is the world’s largest
online bank. Several years ago, Egg began a search for a secure and convenient method of
delivering cards and PINs to their customers. Most companies were doing this by mail, which
is costly and insecure.
Egg wanted its customers to enjoy the best service experience possible by being able to use
their cards immediately after they received them, rather than having to wait seven to ten
days for their PIN to arrive by mail. Egg also wanted to lower the risk of PIN mailers being
intercepted en route to customers, as well as decrease the costs associated with providing
up to three million new PINs a year. Yet allowing customers to retrieve their PINs via the
Internet seemed dangerous, even to some of the company’s own IT people.
One of the biggest challenges of the project was ensuring that the customer was the only
person able to view their PIN. Preventing disclosure of the PIN across the entire transaction
would be difficult since typical SSL sessions meant encrypted data had to be decrypted on
the Web server. The card issuer holding Egg’s customer PIN data had doubts as to whether a
technology actually existed to achieve this goal.
The solution was found through the implementation of a Web-based application security
module, with an integrated hardware security module for secure key management, which
allowed Egg to deploy a secure end-to-end encrypted tunnel between the cardholder and
the card issuer. This provided cardholders with a safe and convenient way to retrieve their
PIN over the Internet.
One major benefit of this solution was the tangible cost savings. For every million
cardholders, Egg saves $5,000,000 a year in postage and fulfillment costs, while providing
the customer with a better service – a win-win situation for the bank and the customers.
These savings will continue as new card customers come to Egg, or existing customers need
new PINs or replacement cards.
Another major benefit was time savings. A PIN request through the Egg website is fulfilled
instantly, allowing the customer to immediately use the card. In addition, the PIN change/
request can be generated from a mobile device, adding increased convenience. In contrast,
a PIN request that has to go through the mail can take up to ten days, assuming it is not
subject to interception and does actually arrive.
Revolutionizing PIN Issuance: How New Web-Based Technology Expedites and 
Secures the PIN Issuance Process Solution Brief
2
“That’s a week or more that the cardholder is either not purchasing or is doing so with a card
from another issuer,” said Stuart Horler, Lead Architect at Egg. “Multiplied by the number of
credit card customers we have, that is a huge potential loss of revenue and an unnecessary
inconvenience for our customers.”
“Everyone understands that it’s important that customers trust online banking while, at the
same time, benefiting from its convenience, and this initiative will certainly improve the overall
experience,” said Dr. Rob Elliss, SafeNet’s Director of Sales for Northern Europe.
In summing up the project, Tracy Willis, Head of Technology Security at Egg, comments: “PIN
Browser provides a secure and highly convenient approach to PIN distribution for our customers.
Our partnership with SafeNet has enabled another online banking breakthrough for Egg.”
Securing the PIN Issuance Process
With the above solution, Egg realized a competitive advantage by offering the enhanced
customer experience of instantly issuing PINs over a secure, easy-to-use Web session. With
this solution, the hardware and software components are integrated into the card issuer’s
existing IT architecture and Web portal to facilitate the delivery of PINs across the Internet,
or other communications network, to the customer. Using hardware-based cryptographic
key management ensured that the keys and processes were stored and managed exclusively
within FIPS-validated hardware. Using the existing website and user authentication system,
this approach made use of standard Web security protocols without any requirement for
applets or browser plug-ins on the customer side. By leveraging existing authentication and
processing systems, no changes need to be made to the core architecture and, therefore, no
potential vulnerabilities can be introduced to these sensitive areas.
The PIN issuance solution is split into two distinct components—the authority and the agent.
The authority determines whether a user is eligible to receive a PIN from the system, as well as
provides the required cryptography for transactions. The agent is responsible for communication
with the customer and the chosen authority, and for secure delivery of the PIN to the customer.
Code signing and verification maintain the integrity of the Java application code and prevents
unauthorized application execution. Strictly enforced access and usage policies prevent
unauthorized access to sensitive applications or data. With tamper-resistant hardware,
network connectivity, and secure remote administration, a hardware security module makes it
possible to deploy sealed high-assurance Java Web service applications that translate into a
secure Web session using SSL.
Considering that the point of issuance can often be the weakest link in today’s heavily
mandated EFT (Electronic Funds Transfer) system, encryption has proven to be the most
effective data security solution, ensuring that the storage and transfer of consumer card data
is protected against manipulation and fraudulent card production. All user data is secured by
strong encryption while transiting the bank servers and public infrastructures.
It is vital that split security be maintained throughout the transaction so that a PIN number
is never associated with a particular card number or customer, thus ensuring protection from
both external and internal attackers. It is also imperative that management of the system is
segregated from the operation of the product, such that even the security administrators are
not able to gain access to critical data, such as PINs, at any time.
This solution saves card issuers millions of dollars each year, and is safe, fast, and
environmentally responsible. The level of security provided by encryption far surpasses that
of paper-based PIN mailers or voice-based interactive systems, thereby reducing fraud and
theft. With customers retrieving their own PINs, they feel more in control. They no longer
worry as to when their PINs will arrive and no longer have to wait for days or weeks before
they can use their card.
Financial institutions realize tangible cost savings by replacing or reducing the number of
physical PIN mailers that are issued, with the added benefit of preventing fraud by eliminating
PIN mailer interception. They also achieve a competitive advantage by eliminating any delay
Revolutionizing PIN Issuance: How New Web-Based Technology Expedites and 
Secures the PIN Issuance Process Solution Brief
3
between the time an account holder requests a new PIN and the time they receive it, thereby
minimizing the opportunity for a customer to use a competitor’s card during the waiting
process. Financial service providers can be assured that sensitive financial transactions
execute in a trusted environment that is immune to physical, logical, and operational threats.
About SafeNet
Founded in 1983, SafeNet is a global leader in information security. SafeNet protects its
customers’ most valuable assets, including identities, transactions, communications, data,
and software licensing, throughout the data lifecycle. More than 25,000 customers across
both commercial enterprises and government agencies, and in over 100 countries, trust their
information security needs to SafeNet.
Contact Us: For all office locations and contact information, please visit www.safenet-inc.com
Follow Us: www.safenet-inc.com/connected
©2011 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet.
All other product names are trademarks of their respective owners. SB (EN)-02.09.11
Revolutionizing PIN Issuance: How New Web-Based Technology Expedites and 
Secures the PIN Issuance Process Solution Brief
4