PIN on Glass consulting, approval and certification

What is PIN on Glass?

PIN on Glass is the name for Software-based PIN entry on COTS (Commercial-Off-The-Shelf). It is intended to preserve security while streamlining merchant experience when a payment acceptance solution relies on:

  • A standard mobile device (smartphone or tablet).
  • A software PIN-entry solution app on the device using the touchscreen for PIN entry.
  • A Secure Card Reader-PIN (SCRP) attached to the mobile device, which has to be tested as PCI PTS compliant not PCI SpoC.
  • Back-end systems and environments that perform attestation, monitoring, payment and online PIN processing.


​Example of PIN on Glass architecture​


Source: PCI Software-based PIN Entry on COTS, Security Requirements, v1.0

PCI SpoC(1) requirements have been set out by the Payment Card Industry - Security Standards Council (PCI SSC), whose members are American Express, Discover, JCB, Mastercard and Visa.

Security consulting, approval and certification

FIME is able to:

  • Help you with improving the security of your PIN on Glass payment solution.
  • Provide you with support to perform security evaluation services against PCI SPoC to demonstrate your compliance to the payment schemes. It includes both software and backend security testing.
  • Assist you on functional testing services to achieve compliance to the payment schemes.

Please refer to PCI PTS for Secure Card Reader-PIN (SCRP) security approval and certification.

Preparing a pilot for a contactless payment acceptance solution?

  • On a mobile device.
  • Using a purely software solution.
  • No hardware attachment (no SCRP).

It is a Tap on Phone solution.

To meet payment schemes’ requirements, please contact us; we can also help you.

(1) PCI SpoC (PIN-on-Glass) official security evaluation services are provided by an accredited partner.

PIN on Glass