The most common PIN-block formats are based on ISO 9564, but many more are in implemented worldwide. Another common problem is that same PIN-block calculation methods are being called with their aliases, making sometimes difficult to get a right one. This article brings a list of PIN-blocks applied in payments, their calculation methods and examples and bit of related background.

Well worded Wikipedia’s definition of a PIN-block format: «The PIN is used to verify the identity of a customer (the user of a bank card) within an electronic funds transfer system, and (typically) to authorize the transfer of funds, so it is important to protect it against unauthorized disclosure or misuse. Modern banking systems require interoperability between different card issuers, acquiring banks and retailers - including transmission of PINs between those entities - so a common set of rules for handling and securing PINs is required, both to ensure technical compatibility and a mutually agreed level of security.»

**Note that the same encoding & decoding functionality as covered in this article is also available through our freeware BP-Tools product**.

Is any PIN-block or its alias missing? Please let us know.

Is the first and most common PIN block encoding format based on ISO 9564 – an international standard for personal identification number (PIN) management and security in retail banking.

1. Prepare a PIN – L is length of the PIN, P is PIN digit, F is padding value “F”

2. Prepare PAN – take 12 rightmost digits of the primary account number (excluding the check digit)

3. XOR both values

The ISO-1 PIN block format is equivalent to an ECI-4 PIN block format. The ISO-1 PIN block format supports a PIN from 4 to 12 digits in length. A PIN that is longer than 12 digits is truncated on the right.

Prepare a PIN – L is length of the PIN, P is PIN digit, R is random value

Where:

> L – is the length of the PIN, which is a 4-bit value from X’4′ to X’C’.

> R – is a random digit, which is a value from X’0′ to X’F’. Typically, this should be used for predetermined transaction unique data such as a sequence number.

Format 2 is for local use with off-line systems only (e.g. smart cards).

Prepare a PIN – L is length of the PIN, P is PIN digit, F is padding value ‘F’

Where:

> L – is the length of the PIN, which is a 4-bit value from X’4′ to X’C’.

> F – is a padding character, which is a value of X’F’.

Format 3 is the same as format 0, except that the “fill” digits are random values from 10 to 15, and the first nibble (which identifies the block format) has the value 3.

1. Prepare a PIN – L is length of the PIN, P is PIN digit, R is random value from X’0′ to X’F’

2. Prepare PAN – take 12 rightmost digits of the primary account number (excluding the check digit)

3. XOR both values

ISO 9564-1: 2017 Format 4. Format 4 uses AES-128 ECB encryption. PIN Block is padded with fill digit ‘A’ and also with random random values from 0 to 15, and the first nibble (which identifies the block format) has the value 4.

1. Prepare a PIN – L is length of the PIN, P is PIN digit, F is fill digit ‘A’. R is random value from X’0′ to X’F’

2. Prepare PAN – take the primary account number – M is PAN length indicating PAN length of 12 plus the value of the field ‘0’-‘7’ (ranging then from 12 to 19). If the PAN is less than 12 digits, the digits are right justified and padded to the left with zeros and M is set to ‘0’. A is PAN digit, 0 is PAD digit ‘0’

3. PIN block is encrypted with AES key

4. The resulting Intermediate Block A is then XOR’ed with PAN Block

5. The resulting Intermediate Block B is enciphered with the AES key again so we get the Enciphered PIN Block

Same as ISO-0.

The OEM-1 PIN block format is equivalent to the PIN block formats that Diebold, Docutel, and NCR define. The OEM-1 PIN block format supports a PIN from 4 to 12 digits in length. A PIN that is longer than 12 digits is truncated on the right.

1. Prepare a PIN – P is PIN digit, X is pad value, which is a 4-bit value from X’0′ to X’F’

Where:

> P – is a PIN digit, which is a 4-bit value from X’0′ to X’9′. The values of the PIN digits are independent.

> X – is a pad value has a 4-bit value from X’0′ to X’F’ and must be different from any PIN digit. The number of pad values for this format is in the range from 4 to 12, and all the pad values must have the same value.

Same as ISO-0.

The ECI-2 PIN block format supports a 4-digit PIN. A PIN that is longer than 4 digits is truncated on the right.

1. Prepare a PIN – P is PIN digit, R is random value

Where:

> P – is a PIN digit, which is a 4-bit value from X’0′ to X’9′. The PIN length for this format is always 4.The values of the PIN digits are independent.

> R is a random pad value, which is a value from X’0′ to X’F’. This format contains 12 random pad values that can have different values.

The ECI-3 PIN block format supports a PIN from 4 to 6 digits in length. A PIN that is longer than 6 digits is truncated on the right.

1. Prepare a PIN – L – is PIN length, P is PIN digit, 0 is padding character for PIN shorter than 6 digits, R is random value

Where:

> L is the length of the PIN, which is a 4-bit value from X’4′ to X’6′.

> P – is a PIN digit, which is a 4-bit value from X’0′ to X’9′. The values of the PIN digits are independent.

> 0 – is a filling character for PIN’s shorter than 6 digits, so 4 digit PIN will be extended to 6 digits (1234 -> 123400).

> R is a random pad value, which is a value from X’0′ to X’F’. This format contains 9 random pad values that can have different values.

Same as ISO-1.

The 3621 PIN block format supports a PIN from 1 to 12 digits in length. A PIN that is longer than 12 digits is truncated on the right.

1. Prepare a PIN – S1,S2,S3,S4 form a 2-byte sequence number that 3621 (or the originating terminal or node) assigns. P is PIN digit, X is defined padding value

Where:

> S1 S2 S3 S4 – Forms a 2-byte sequence number that the 3621 (or the originating terminal or node) assigns. A 3621 assigns the sequence number in ascending order, starting with X’0000′.

> P – is a PIN digit, which is a 4-bit value from X’0′ to X’9′. The values of the PIN digits are independent.

> X – is A pad value has a 4-bit value from X’0′ to X’F’ and must be different from any PIN digit. The number of pad values for this format are in the range from 0 to 11, and all the pad values must have the same value.

The 3624 PIN block format supports a PIN from 1 to 16 digits in length. A PIN that is longer than 16 digits is truncated on the right.

1. Prepare a PIN – P is PIN digit, X is defined padding value

Where:

> X – is A pad value has a 4-bit value from X’0′ to X’F’ and must be different from any PIN digit. The number of pad values for this format are in the range from 0 to 15, and all the pad values must have the same value.

The 4704 encrypting PIN Pad PIN block format supports a PIN from 1 to 13 digits in length. A PIN that is longer than 13 digits is truncated on the right.

1. Prepare a PIN – L – is a PIN length, P is PIN digit, F is padding value ‘F’, S1 S2 is a 1-byte sequence number

Where:

> L – is the length of the PIN, which is a 4-bit value from X’4′ to X’D’.

> F – is A pad value has a 4-bit value of X’F’. The number of pad values for this format are in the range from 0 to 12.

> S1 S2 – is a 1-byte sequence number from X’00’ to X’FF’.

Same as IBM 3621.

Same as ISO-0.

The VISA-2 PIN block format supports a PIN from 4 to 6 digits in length. A PIN that is longer than 6 digits is truncated on the right.

1. Prepare a PIN – L – is PIN length, P is PIN digit, 0 is padding character for PIN shorter than 6 digits, D is decimal value

Where:

> L is the length of the PIN, which is a 4-bit value from X’4′ to X’6′.

> 0 – is a filling character for PIN’s shorter than 6 digits, so 4 digit PIN will be extended to 6 digits (1234 -> 123400).

> D is a decimal pad value, which is a 4-bit value from X’0′ to X’9′. All nine pad values must have the same value.

The VISA-3 PIN block format supports a PIN from 4 to 12 digits in length. A PIN that is longer than 12 digits is truncated on the right.

1. Prepare a PIN – P is PIN digit, F is PIN delimiter, X is a pad value

Where:

> F – is a a PIN digit or a delimiter X’F’. If the preceding digit is the last (or rightmost) PIN digit, this digit is the delimiter X’F’.

> X is a pad value, which is a 4-bit value from X’0′ to X’F’. All the pad values must have the same value.

The VISA-4 PIN block format supports a PIN from 4 to 12 digits in length. A PIN that is longer than 12 digits is truncated on the right.

1. Prepare a PIN – 0 – is the value X’0′, L is length of the PIN, P is PIN digit, F – is the value X’F’ for the pad value, PAN is twelve 4-bit digits representing the leftmost 12 digits of the primary account number (excluding the check digit).

2. Prepare PAN – take 12 leftmost digits of the primary account number (excluding the check digit)

3. XOR both values

Where:

> 0 is the value X’0′

> L – is a PIN length

> P is a PIN digit, which is a 4-bit value from X’0′ to X’9′. The values of the PIN digits are independent.

> F – is a pad value of X’F’. The number of PAD digits X’F’ in the intermediate PIN block (IPB) is in the range from 2 to 10.

> PAN – is twelve 4-bit digits representing the leftmost 12 digits of the primary account number (excluding the check digit). Each PAN digit has a value from X’0′ to X’9′.

The AS2805 Format 1 PIN block format is similar to an ISO-1 PIN block format. The PIN block format supports a PIN from 4 to 12 digits in length.

1. Prepare a PIN – L is length of the PIN, P is PIN digit, R is random value

Where:

> L – is the length of the PIN, which is a 4-bit value from X’4′ to X’C’.

> R – is a random digit, which is a value from X’0′ to X’F’.

The AS2805 Format 8 PIN block (format 46) is similar to an Format 1 PIN block format. The PIN block format supports zero length PIN Block.

1. Prepare a PIN – L is length of the PIN, P is PIN digit, R is random value

Where:

> C – Control field, if is X’0′, then the PIN block is processed as a standard format 01 PIN block.

> L – is the length of the PIN, which is a 4-bit X’0′ or value from X’4′ to X’C’. If it is X’0′ then the PIN block is a Zero PIN block. No checking of the PIN block is required in this case.

> R – is a random digit, which is a value from X’0′ to X’F’.

> F – the X’F’ character.