Decimalization tables can be loaded in the coprocessors to restrict attacks using modified tables. The management of the tables requires a TKE Workstation.

Clear PIN Generate (CSNBPGN and CSNEPGN), Clear PIN Generate Alternate (CSNBCPA and CSNECPA), Encrypted PIN Generate (CSNBEPG and CSNEEPG), and Encrypted PIN Verify (CSNBPVR and CSNEPVR) callable services will make use of the stored decimalization tables.

The ANSI X9.8 PIN - Use stored decimalization tables only access control point is used to restrict the use of tables. When the access control point is enabled, the table supplied by the callable service will be compared against the active tables stored in the coprocessor. If the supplied table doesn't match any of the active tables, the request will fail.

A TKE workstation (Version 7.1 or later) is required to manage the PIN decimalization tables. The tables must be loaded and then activated. Only active tables are checked when the access control point is enabled.