CVV & PIN Status Management

Back
Next

CVV & PIN Status Management

After card issuance is complete, your system can use the Payblr PSP API to retrieve CVV and PIN status, and perform unblock operations when supported. In this flow, the cardholder interacts with your mobile or web application, while your system sends the corresponding requests to Payblr and returns the confirmed result to the cardholder.

Overview

This page covers three related capabilities:

  • CVV status checks

  • PIN status checks

  • CVV and PIN unblock operations

These flows help your system supports sensitive card operations in a controlled way while keeping the cardholder experience within your own channels.

1. CVV Status Retrieval

This flow allows your system to check the current CVV status and the number of remaining attempts.

How the flow works

  1. A cardholder requests CVV information through your mobile or web application.

  2. Your system sends the request to Payblr using:
    GET /thr/thredd/card-cvv/{publicToken}/cvv/status

  3. Payblr returns: 200 OK. The response also includes the CVV status and remaining tries.

  4. Your system displays the returned status and remaining tries to the cardholder.

Important note on CVV retrieval

The flow shown in this diagram covers CVV status checks, not retrieval of the actual CVV value. If your implementation needs to display or deliver the actual CVV, your system should use the Get Card Data secure-data flow instead. Get Card Data is the endpoint used to share secure card data to the cardholder’s device through an encrypted payload, and it requires a device-generated session key in the request.

2. PIN Status Retrieval

This flow allows your system to check PIN status and remaining attempts.

  1. A cardholder requests PIN status information through your mobile or web application.

  2. Your system sends the request to Payblr using:
    GET /thr/thredd/card-pin/{publicToken}/pin/status

  3. Payblr returns: 200 OK. Also, returns the PIN status and remaining tries.

  4. Your system displays the returned status and remaining tries to the cardholder.

Important note on CVV retrieval

The flow shown in this diagram covers PIN status checks, not retrieval of the actual PIN value. If your implementation needs to display or deliver the actual PIN, your system should use the Get Card Data secure-data flow instead, just like CVV.

Unblock Operations

This flow allows your system to unblock CVV or PIN when the operation is supported.

4. Unblock CVV

  1. A cardholder requests to unblock CVV through your mobile or web application.

  2. Your system sends the request to Payblr using:
    PUT /thr/thredd/card-cvv/{publicToken}/cvv/status

  3. Payblr returns: 204 No Content

  4. Your system confirms to the cardholder that the CVV has been unblocked.

5. Unblock PIN

  1. A cardholder requests to unblock PIN through your mobile or web application.

  2. Your system sends the request to Payblr using:
    POST /thr/thredd/card-pin/{publicToken}/pin/unblock

  3. Payblr returns: 204 No Content

  4. Your system confirms to the cardholder that the PIN has been unblocked.

This operation also resets the PIN attempt counter.