Skip to content
Spritz API Docs

Get card PIN

POST
/v1/cards/{cardId}/pin

Retrieves the encrypted card PIN.

Encryption: The PIN is returned as an AES-128-GCM encrypted payload. Use the session’s AES key to decrypt it.

PIN Block Format (ISO 9564-1 Format 2): After decryption, the plaintext is a 16-character PIN block with the following structure:

  • Byte 0: Control field (2 indicates Format 2)
  • Byte 1: PIN length in hexadecimal (4-12)
  • Bytes 2-(1+N): The actual PIN digits
  • Remaining bytes: Padding (F)

Example: A 4-digit PIN “1234” would be encoded as: 241234FFFFFFFFFF

Parsing the PIN block:

const pinLength = parseInt(pinBlock[1], 16);
const pin = pinBlock.slice(2, 2 + pinLength);

Authorizations

Section titled “Authorizations ”

Parameters

Section titled “ Parameters ”

Path Parameters

Section titled “Path Parameters ”
cardId
required

The id of the card whose pin is being requested

string
>= 1 characters

Request Body required

Section titled “Request Body required ”
object
encryptedKey
required

Base64-encoded RSA-encrypted AES-128 key used for PIN decryption

string
>= 1 characters

Responses

Section titled “ Responses ”

200

Section titled “200 ”

The encrypted PIN block for the card. When decrypted, the plaintext is an ISO 9564-1 Format 2 PIN block.

The encrypted PIN block for the card. When decrypted, the plaintext is an ISO 9564-1 Format 2 PIN block.

object
encryptedPin
required
object
iv
required

Base64-encoded initialization vector for AES-GCM decryption

string
>= 1 characters
data
required

Base64-encoded AES-GCM encrypted PIN block

string
>= 1 characters

401

Section titled “401 ”

Response for status 401

object
type

A URI reference that identifies the problem type

string
default: about:blank
title
required

A short, human-readable summary of the problem type

string
status
required

The HTTP status code

number
detail

A human-readable explanation specific to this occurrence

string
instance

A URI reference that identifies the specific occurrence

string
realm

The authentication realm

string
scope

The required scope for this resource

string

404

Section titled “404 ”

Response for status 404

object
type

A URI reference that identifies the problem type

string
default: about:blank
title
required

A short, human-readable summary of the problem type

string
status
required

The HTTP status code

number
detail

A human-readable explanation specific to this occurrence

string
instance

A URI reference that identifies the specific occurrence

string
resourceType
required

The type of resource that was not found

string
resourceId
required

The identifier of the resource that was not found

string

500

Section titled “500 ”

Response for status 500

object
type

A URI reference that identifies the problem type

string
default: about:blank
title
required

A short, human-readable summary of the problem type

string
status
required

The HTTP status code

number
detail

A human-readable explanation specific to this occurrence

string
instance

A URI reference that identifies the specific occurrence

string