Online PIN Validation
Koard supports online PIN only. When a PIN is required, it is validated in real time against the issuer during the authorization request — Koard does not support offline PIN, where the PIN would be verified locally on the device without issuer involvement.
The encrypted PIN block is forwarded to the acquirer and issuer as part of the authorization. The issuer validates the PIN against the cardholder's account and will hard decline the transaction if the PIN is incorrect — this decision is made entirely by the issuer and acquirer, not by Koard.
When a cardholder enters a PIN during a Tap to Pay on iPhone transaction, Apple encrypts the PIN data before it leaves the device. Koard handles the full decryption and validation flow online, so the PIN never passes through your application unencrypted.
How It Works
- The iOS SDK captures the cardholder's PIN and returns encrypted cardholder data, encrypted PIN data, and a transaction ID to Koard.
- Koard calls Apple's Proximity Payment Service to exchange the encrypted data for single-use decryption keys.
- Apple returns keys scoped to that transaction. Koard validates and decrypts the data, then forwards the PIN block to the payment processor in the authorization request.
Supported Scenarios
| Scenario | PIN Captured | Notes |
|---|---|---|
| Cardholder data only | No | Standard contactless — no PIN required |
| Cardholder data + PIN | Yes | PIN collected inline during the tap |
| Cardholder data + PIN token | Yes | PIN collected and tokenized |
| PIN fallback | Yes | Used when the card requires a PIN but cannot use the standard flow |
