# Verify a PIN for a PAN-less Issuer source: https://developer.mastercard.com/mastercard-processing-core/documentation/use-cases/pin-management/verify-pin-pan-less-issuer/index.md ## Overview {#overview} This use case describes the process to verify the PIN, and the PAN is not known to your system. The use case can be used in a situation where you require the cardholder to enter the current PIN value to set a new PIN. ## Sequence diagram {#sequence-diagram} Diagram verify-pin-pan-less-issuer-new ### Explanation {#explanation} 1. The cardholder is asked to enter the current PIN. 2. The mobile application or e-banking service sends a `GET` request to the `/public-keys?data_type_to_secure=PIN_BLOCK` endpoint. 3. The API responds with the `keyIndex` and `publicRsaKey`. 4. The mobile application or e-banking service converts the PIN from step 1 to the PIN block using ISO format 1 encrypted with the `publicRsaKey` received in step 3. Tip: A Public RSA key can be in [PEM](https://en.wikipedia.org/wiki/Privacy-Enhanced_Mail) or [DER](https://en.wikipedia.org/wiki/X.690#DER_encoding) format depending on the onboarding configuration. 5. The mobile application or e-banking service sends a `PUT` request to the `/cards/{card_contract_id}/pins/verifications` endpoint by passing the following fields in the request body: * `keyIndex` of the `publicRsaKey` used to encrypt `PinBlock` * encrypted `PinBlock` * `cardExpiryDate` 6. The API retrieves the PAN number from the CMS based on the provided `card_contract_id`. 7. The API decrypts the `PinBlock` by using a Private RSA key. 8. Mastercard Processing successfully verifies the PIN Block. 9. The API returns the `verificationResult` field with the `PIN_CORRECT` value confirming that the provided PIN block is correct. 10. The mobile application or e-banking service notifies the cardholder that the PIN is verified successfully. In the next step, the [Set a PIN for a PAN-less Issuer](https://developer.mastercard.com/mastercard-processing-core/documentation/use-cases/pin-management/set-pin-pan-less-issuer/index.md) use case can be executed to complete the process of changing the PIN. Tip: The PIN is retrieved for the card contract for which the `Plastic` object has the `Active` value in the `status` field. Tip: Refer to [PIN Block Formation and Encryption Process](https://developer.mastercard.com/mastercard-processing-core/tutorial/pin-encryption-process/index.md) tutorial for more information with code samples to help you with the integration. Refer to [Sandbox testing](https://developer.mastercard.com/mastercard-processing-core/documentation/sandbox-testing/pin-management/verify-pin-for-panless-issuer/index.md) for information on how to execute the use case in the Sandbox environment. ## Endpoints {#endpoints} API Reference: `GET /public-keys` API Reference: `POST /cards/{card_contract_id}/pins/verifications`