A TDN can be secured with a PIN or PKI . It is not allowed to set both a PIN and a PKI for a TDN. In general it is optional to setup a PIN or PKI for a TDN. If a TDN is in the possession of a bank or a merchant the TDN however must have the PKI set to the public key of a digital certificate issued by the Central Bank.

If a PIN or PKI is set for a TDN it must be supplied when a transaction is initiated. When validating a TDN it is not necessary to have the PIN or PKI .

The easiest way to protect a TDN with a PIN is using the Central Bank Website. A PIN is a number from four to eight digits The PIN is set for one TDN at a time. The same PIN can be used for as many TDNs as desired to make it easier to remember. When using a TDN application the TDN can be set by the application. The application may store that PIN and use it when a transaction is initiated.

Setting up a PKI is more difficult because a private/public key pair has to be generated which requires advanced computer skills. The private key is set for the TDN and the private key has to be kept secret. When a TDN is secured with a PKI a transaction has to be initiated by an application supporting SSL/TLS in order to be able to handle the transaction API call. Every time a transaction is initiated for a TDN protected with a PKI the initiator of the transaxction must satisfy PKI challenge issue by TDNSYS.

When a TDN is issued by the Central Bank to Retail Bank the TDN PKI is set to the public key of that bank digital certificate issued by the central Bank. When a Retail Bank redeems a TDN it must always supply the public key associated with the bank digital certificate and be able to satisfy the PKI challenge issue by TDNSYS.

The API documentation describes the PIN and PKI validation in details. This is the same for all transactions. The TDN Validation does not require this validation.

Next

Prev

Set/Change TDN PIN/PKY API Call

Set/Change TDN PIN Demo