m2pfintech
API LibraryAuthentication And Validation

Validate PIN V2

Enhanced version of PIN validation that uses AES-GCM encryption for the PIN block. The PIN must be encrypted using a three-step process. Step 1 - PIN Block Generation using ISO 9564 Format 0 encoding where the PIN is XORed with the PAN (card number or kit number). Step 2 - AES-GCM Encryption where the PIN block is encrypted using the shared set-PIN key with a random 16-byte IV and 128-bit authentication tag. Step 3 - The encrypted result is Base64 encoded containing the IV prepended to the ciphertext. The expiryDate must match the card expiry in MMYY format.

POST
/kit-manager/v2/validatePin

Authorization

tenantAuth
tenant<token>

The DCMS tenant name for multi-tenant isolation. Every API call must include this header to identify the client organization.

In: header

Header Parameters

tenant*string

The DCMS client or tenant name for multi-tenant isolation.

Request Body

application/json

pin*string

AES-GCM encrypted PIN block. Generated by creating a Format 0 PIN block (PIN XORed with PAN), then encrypting with AES-GCM using the shared key, and finally Base64 encoding the result (IV + ciphertext).

kitNo*string

Kit number of the card whose PIN is being validated.

entityId*string

Customer entity identifier who owns the card.

expiryDate*string

Card expiry date in MMYY format for additional validation.

Response Body

application/json

application/json

curl -X POST "https://api.dcms.example.com/v1/kit-manager/v2/validatePin" \  -H "tenant: ACME_BANK" \  -H "Content-Type: application/json" \  -d '{    "pin": "4faN/yNdT8E+5wVy/GlfTWYsVPHAYFPaPWDn+SSL59w=",    "kitNo": "4240181647",    "entityId": "validatePin0",    "expiryDate": 729  }'
{
  "result": true,
  "exception": null,
  "pagination": null
}
{
  "result": null,
  "exception": {
    "errorCode": "PIN002",
    "shortMessage": "PIN validation failed",
    "detailMessage": "The provided PIN does not match the PIN on file",
    "httpStatus": "BAD_REQUEST",
    "fieldError": [
      "Incorrect PIN"
    ],
    "languageCode": "en"
  },
  "pagination": null
}

Validate PIN POST

Validates the PIN for a card. The PIN must be encrypted using the shared encryption algorithm before sending. This API verifies that the provided encrypted PIN matches the PIN on file for the specified card. Returns true on successful validation. The expiryDate must match the card expiry in MMYY format.

Create Branch POST

Creates a new branch with the provided details. Most fields are required to ensure complete branch information is captured including address, contact details, and point of contact information. The branchId must be unique across the tenant. The creator field can be used to record who created the branch for audit purposes.