paySmart® PIN Protection
Service (PPS)

PIN Protection
Service (PPS)


An Issuers’ frequent need is a way to securely generate, store, and validate passwords. But for cost reasons, this is done exclusively in software, with all the risks of this approach.

With paySmart’s PPS service, Issuers can generate, validate and translate
passwords securely within Hardware Security Module (HSM) using a simple API.


With paySmart® PPS technology, password management is simple and within reach of any Issuer. The customer uses the same interfaces that it is already used to and has the same level of protection used by the largest banks and payments systems operators worldwide. In addition, it pays only for active cards, without worrying about transaction values or number of transactions.

To provide the password management service, paySmart® uses HSM (Hardware Security Module) cryptographic devices that do not expose passwords and extreme performance servers, running in financial datacenters.

It works


How it works



Support to all PIN block formats (Personal Identification Number) ISO-0, ISO-1, ISO-2 and ISO-3 defined by ISO 9564 (Financial services – PIN management and security)

Use of payment cryptographic hardware (HSMs) in all processes (generation, storage and validation)

Generation of 4 to 12 digit numerical random passwords, with truly random processes, that means, generation of random numbers directly in the cryptographic hardware

Automatic removal of random passwords with many repeated and/or sequential digits, based on customers’ date of birth or address (configurable)

Native protection against very strong attacks with a counter of incorrect online password validation attempts (OPTC online PIN Try Counter)

Native protection against dictionary attacks, with diversified password storage instead of the same cryptogram for all cards with the same password

Transparent operation during data preparation, based on the same format of embossing files that the client knows

Transparent operation during transaction validation, using the same TCP/IP sockets format that the client knows;

Support for the reuse of previous passwords already distributed to the client

Support for online passwords update exchanged by other client’s interfaces

Support for chip cards configured to work with offline passwords or online passwords

Support for magnetic cards, with no chip yet, configured to work with online passwords

Support to receive PIN Blocks X9.8 MK SK (Master Key/Session Key)

Suporte to receive PIN Blocks X9.24 DUKPT (Derived Unique.Key Per Transaction).

Contact Us


We are

Matriz – Porto Alegre

Rua Manoelito de Ornellas, 55,
Sala 1303, Torre A
Porto Alegre RS

(51) 3221.4879

(51) 3227.2814

São Paulo

Av.Angélica, 2491 – 11º andar
Consolação. São Paulo – SP

(11) 4564.7678

© 2018 Aceká Marketing Digital