You can allow your cardholders to access the PIN of their Adyen-issued card within your app. This page explains how to use Adyen's Card Reveal iOS SDK to securely reveal PINs in your user interface.
To reveal a PIN in your user interface, you must first get the PIN data from Adyen. To securely request the data, you use a base64-encoded RSA public key and Adyen's Card Reveal iOS SDK to generate an encrypted session key.
Use the session key to request a PIN block from Adyen. This PIN block contains the encrypted PIN data assigned to the Adyen-issued card. You can decrypt the PIN block using Adyen's Card Reveal iOS SDK, and then reveal the PIN to the cardholder on your interface.
The following sequence diagram illustrates the workflow.
As shown in the diagram, the steps for revealing a PIN are:
- Get a public key from Adyen.
- Generate an encrypted session key.
- Request the PIN block from Adyen.
- Decrypt the PIN block and reveal it in your user interface.
Requirements
Make sure that:
-
You have API credentials for the Configuration API.
-
Your API credential has the Bank Issuing PIN Reveal Webservice role.
-
Your application uses iOS version 13.0 or higher.
-
You installed Adyen's Card Reveal iOS SDK.
Get a public key from Adyen
You need a base64-encoded RSA public key to generate an encrypted session key. Use the Configuration API to get the public key from Adyen.
To get a public key:
-
Make a GET /publicKey request, specifying the following query parameters:
The response contains:
- The public key
- The expiry date of the public key
-
Pass the publicKey to your client.
Generate an encrypted session key
You need an encrypted symmetric session key to securely request the card details from Adyen. Generate the encrypted session key using the public key and the Adyen's Card Reveal iOS SDK. The steps are as follows:
-
Initialize the
PinRevealService
method. -
Call the
generateEncryptedKey
method, passing the publicKey as a parameter.
Now, encryptedKey
contains the encrypted symmetric session key that you need to request the PIN block from Adyen.
Request the PIN block from Adyen
Request from Adyen the PIN block that contains the encrypted PIN data:
-
Make a POST /pins/reveal request and specify the following parameters:
Parameter Description paymentInstrumentId The unique identifier of the card for which you are revealing the PIN. encryptedKey The encrypted symmetric session key. The response contains:
- An encryptedPinBlock: An ISO Format 4 encrypted PIN block
- A token that you need for decrypting the PIN block
-
Pass encryptedPinBlock and token to your client.
Decrypt the PIN block and reveal the PIN
Use the Adyen's Card Reveal iOS SDK to decrypt and reveal the PIN as follows:
-
Call the
pin
method to decrypt the encryptedPinBlock using the token. -
Pass the
decryptedPin
to your app. -
Reveal the
decryptedPin
on your user interface.