An Enhanced PIN Security Mode is available. This optional mode
is selected by enabling the PTR Enhanced PIN Security access control
point in the PCICC, PCIXCC, CEX2C, or CEX3C default role.
When active, this control point affects all PIN callable services
that extract or format a PIN using a PIN-block format of 3621 or 3624
with a PIN-extraction method of PADDIGIT.
Table 165 summarizes the callable services
affected by the Enhanced PIN Security Mode and describes the effect
that the mode has when the access control point is enabled.
Table 165. Callable Services Affected by Enhanced PIN Security ModePIN-block format and PIN-extraction
method | Callable Services Affected | PIN processing changes when Enhanced
PIN Security Mode enabled |
---|
ECI-2, 3621, or 3624 formats AND PINLENxx | PIN-block format and PIN-extraction
method
Clear_PIN_Generate_Alternate
Encrypted_PIN_Translate
Encrypted_PIN_Verify | The PINLENxx keyword in rule_array parameter
for PIN extraction method is not allowed if the Enhanced PIN Security
Mode is enabled.
Note:
The services will fail with return
code 8 reason code '7E0'x. | 3621 or 3624 format and PADDIGIT | Clear_PIN_Generate_Alternate
Encrypted_PIN_Translate
Encrypted_PIN_Verify
PIN
Change/Unblock | PIN extraction determines the PIN length by
scanning from right to left until a digit, not equal to the pad digit,
is found. The minimum PIN length is set at four digits, so scanning
ceases one digit past the position of the 4th PIN digit in the block. | 3621 or 3624 format and PADDIGIT | Clear_PIN_Encrypt
Encrypted_PIN_Generate
Encrypted_PIN_Translate | PIN formatting does not examine the PIN, in
the output PIN block, to see if it contains the pad digit. | 3621 or 3624 format and PADDIGIT | Encrypted_PIN_Translate | Restricted to non-decimal digit for PAD
digit. |
|