Real Story of Offline Vs Online PIN in Card Payments

Credit card payments need secure authorization process. PIN verification is one of the method. Here you will know the differences between Online and Offline PIN verification.

Back when payment cards weren’t equipped with an EMV chip and most payment terminals were only capable of doing offline transactions, card-issuing banks introduced the signature as the primary type of authorization for a transaction.

The merchant is supposed to check the signature on the back of the card with the signature provided by the shopper.

Often the merchant also asks for an ID card in order to verify the ownership of the card.

So what is EMV, It stands for Europay Master card and Visa card

There was also a time when a picture of the card owner was printed on the back of the card and used instead of a signature at the point of sale.

The drawback of this type of verification is that no paper trail of the authorization is available afterward, which is probably also one of the reasons why this type is no longer used.

What is PIN

A PIN was traditionally used to authorize cash withdrawals at ATMs but is becoming a more and more common CVM at the point of sale.

To accept PIN verifications, terminals must meet high-security standards and undergo a certification process before they can be used at the point of sale.

This ensures that the PIN is highly protected and cannot be extracted in the plain by a malicious entity.

Offline PIN vs Online PIN

  • Today there are two different PIN verification methods, online PIN and offline PIN.
  • With an online PIN verification, the PIN is encrypted by the terminal and send to the card-issuing bank with a request to verify its authenticity. An example is ATM.
  • The offline PIN verification is only available with EMV cards, as the PIN is checked internally by the chip. An example is Chip credit/Debit cards.
  • It is also worth noting that based on the used CVM, the burden of proof that a transaction was actually authorized by the rightful card owner lies with different parties.
  • With a signature, the merchant is responsible to provide the appropriate proof (i.e. by producing the respective receipt with a signature) in case of a challenge by the card owner.
  • In case of a PIN authorized transaction, the burden of proof lies with the shopper and it is generally impossible to challenge this transaction.

Paying with Credit or Debit Card

In determining which CVM will be used for a specific transaction at the point of sale, the type of card is the most decisive factor.

Transactions with a debit card represent the most straight forward cases, as they will use the PIN as verification method if the terminal offers this feature.

In general the online PIN is used and while checking the PIN with the issuing bank, the account balance is also checked.

There are two card verification methods. One is Signature and the other one is PIN

When paying with credit cards, a signature is commonly used as the preferred CVM for transactions at the point of sale. Only when withdrawing cash at an ATM, a PIN is requested.

But there is a slow shift away from signatures in favor of PIN verifications, with the United Kingdom and Ireland being one of the countries now only issuing cards that require a PIN as CVM. (Ref: Payworksmobile)

Related Posts

Author: Srini

Experienced software developer. Skills in Development, Coding, Testing and Debugging. Good Data analytic skills (Data Warehousing and BI). Also skills in Mainframe.