PIN Block Wasm Tool

Introduction

This PIN Block Web Tool, built upon the paysec Rust library and WebAssembly (Wasm), offers an interface for working with ISO 9564 PIN blocks. ISO 9564 is a key standard for secure Personal Identification Number (PIN) management in financial services, focusing on encrypting the PIN for safe transmission. This standard prescribes various PIN block formats, each encoding the PIN into a block for encryption with an approved algorithm. Notably, these formats often intertwine the encoded PIN with the Personal Account Number (PAN) for improved security.

This tool (so far) supports Format 3 and Format 4 of the ISO 9564 PIN block. Format 3, ideal for the Triple Data Encryption Algorithm (TDEA) due to its 64-bit block size, encodes and decodes PIN and PAN fields but does not perform encryption. Conversely, Format 4, compatible with larger block size algorithms like AES (128 bits), includes both encryption and decryption processes, binding the encrypted PIN with the PAN field for heightened security during transmission.

The tool serves as an interactive resource for generating test data and implementing these PIN block formats, highlighting their role in safeguarding financial transactions.

Usage Notes

  • PIN Encoding: Entered as numeric ASCII characters.
  • PAN Encoding: Entered as numeric ASCII characters.
  • PIN Block Encoding: Outputs are HEX encoded with ":" as separators. Inputs can include "-" or no separators.
  • Key Encoding: Cryptographic keys must be HEX encoded, optionally using ":" or "-" as byte separators.
  • Random Seed Input: Users can input a random seed for deterministic test data.
  • Automatic Random Seed Generation: If no seed is provided, the tool generates one using JavaScript's window.crypto.getRandomValues.
  • Random Seed for Format 4: The first 8 bytes of the provided seed are used for the second half of the PIN field's random padding.
  • Random Seed for Format 3: The seed's first 8 bytes are transformed into hexadecimal nibbles (A to F) for padding. The positions in the PIN block match those in the seed.
  • Error Handling: Concise error messages are provided by the Rust library and displayed in the Output fields.

This tool is designed to be intuitive yet powerful, accommodating both simple and advanced use cases. The flexibility in encoding and random seed management allows for comprehensive testing and experimentation with PIN block formats. For any suggestions, wishes, or issues, please feel free to reach out to David Schmid at david.schmid@mailbox.org.

Encipher PIN Block ISO 9564 Format 4

Note: A random seed will be generated if no value is provided. See usage notes for details on how random data is handled.

Example

  • PIN: 1234
  • PAN: 1234567890123456789
  • Key (AES-128): 00112233445566778899AABBCCDDEEFF
  • Random Seed: FFFFFFFFFFFFFFFF
  • PIN Block generated: 28:B4:1F:DD:D2:9B:74:3E:93:12:4B:D8:E3:2D:92:1E

Decipher PIN Block ISO 9564 Format 4

Example

  • Encrypted PIN Block: 28B41FDDD29B743E93124BD8E32D921E
  • PAN: 1234567890123456789
  • Key (AES-128): 00112233445566778899AABBCCDDEEFF
  • PIN generated: 1234

Encode PIN Block ISO 9564 Format 3

Note: A random seed will be generated if no value is provided. See usage notes for details on how random data is handled.

Example

  • PIN: 1234
  • PAN: 12345678901234
  • Random Seed: FFFFFFFFFFFFFFFF
  • Encoded PIN Block generated: 34:12:17:BA:98:76:FE:DC

Decode PIN Block ISO 9564 Format 3

Example

  • PIN Block: 34:12:17:BA:98:76:FE:DC
  • PAN: 12345678901234
  • PIN: 1234