BIN number
What is a BIN number in a financial institution?
The BIN number (Bank Identification Number) corresponds to the first 6 to 8 digits of a card’s Primary Account Number (PAN). It identifies the issuing bank, the card brand (Visa, Mastercard, American Express), the product type (credit, debit or prepaid) and the country of issuance.
The ISO/IEC 7812 standard regulates BIN allocation. Since 2022, the industry has expanded the BIN, also known as the IIN (Issuer Identification Number), from 6 to 8 digits to accommodate the growing demand for ranges from new issuers.
PCI DSS v4.0 Requirement 3.4.1 states that the BIN and the last four digits of the PAN are the maximum card data that can be displayed without masking. Any additional display requires a documented legitimate business need.

How the BIN number works
When a customer uses their card at a POS terminal or in an ecommerce checkout, the system reads the BIN to make decisions in milliseconds:
- Identification of scheme and issuer. The first digit (MII, Major Industry Identifier) reveals the network: Visa cards start with 4, Mastercard with 2 or 5, and American Express with 34 or 37. The remaining BIN digits identify the specific issuing bank.
- Transaction routing. The processor uses the BIN to direct the authorization request to the correct issuer through the appropriate network. Accurate routing reduces technical declines and improves the approval rate.
- Interchange fee classification. The BIN determines whether the card is consumer, commercial or corporate—information that directly affects the interchange fee the acquirer pays to the issuer.
- Fraud‑rule activation. Risk engines cross‑check the BIN with IP geolocation, shipping country and transaction history to calculate a real‑time risk score.
- Luhn algorithm validation. The last digit of the PAN is a check digit used to detect typing errors before sending the authorization request.
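
The checks in the list above, as an added example that is not code from the original page: Luhn validation, scheme lookup using only the prefixes given here, and a display form limited to the BIN plus the last four digits. The function names, the 13 to 19 digit length bounds and the sample card numbers (widely published test PANs) are assumptions.

```python
import re

# Prefixes exactly as listed on this page; production BIN tables are far more granular.
SCHEME_PREFIXES = {"34": "American Express", "37": "American Express",
                   "4": "Visa", "2": "Mastercard", "5": "Mastercard"}


def luhn_valid(pan: str) -> bool:
    """Return True when the last digit is a correct Luhn check digit."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        digit = int(ch)
        if i % 2 == 1:       # double every second digit, counting from the right
            digit *= 2
            if digit > 9:    # same as adding the two digits of the product
                digit -= 9
        total += digit
    return total % 10 == 0


def inspect_pan(raw: str, bin_len: int = 8) -> dict:
    """Validate a PAN and return only values that are safe to display or log."""
    pan = re.sub(r"[ -]", "", raw)               # tolerate spaces and dashes
    if not re.fullmatch(r"[0-9]{13,19}", pan):   # assumed length bounds
        raise ValueError("PAN must be 13 to 19 digits")
    if bin_len not in (6, 8):
        raise ValueError("BIN length must be 6 or 8")
    if not luhn_valid(pan):
        raise ValueError("Luhn check failed (likely a typing error)")
    scheme = next((name for prefix, name in SCHEME_PREFIXES.items()
                   if pan.startswith(prefix)), "unknown")
    # With at least 13 digits and a BIN of at most 8, one or more digits stay hidden.
    hidden = len(pan) - bin_len - 4
    masked = pan[:bin_len] + "*" * hidden + pan[-4:]
    # The full PAN is deliberately not part of the return value.
    return {"scheme": scheme, "bin": pan[:bin_len], "masked": masked}


if __name__ == "__main__":
    # Sample input: published test card numbers, not real accounts.
    print(inspect_pan("4111 1111 1111 1111"))
    print(inspect_pan("378282246310005", bin_len=6))
```

Run the Luhn check before any network call so a mistyped number never reaches the authorization path, and pass only the returned dictionary to logs or UI code.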

Regulatory impact and applicable security
The handling of BIN and PAN data is subject to strict regulation:
PCI DSS v4.0 requires protecting the full PAN in any entity that stores, processes or transmits it. Requirement 3.5.1 mandates making the PAN unreadable through encryption, truncation, tokenization or one‑way hashing. The BIN is exempt from masking when needed for routing.
PSD2 (transposed in Spain by Royal Decree‑Law 19/2018) requires Strong Customer Authentication (SCA) for electronic payments. The BIN plays a role because acquirer risk engines use it to evaluate whether a transaction qualifies for a TRA exemption (Transaction Risk Analysis) or requires 3D Secure 2.

Operational advantages and disadvantages

| Advantages | Disadvantages |
|---|---|
| Automatic routing that reduces technical declines | A misclassified BIN can cause unjustified declines |
| Granular fraud rules by issuer and country | BIN tables require constant updates |
| Accurate interchange fee classification | The expansion to 8 digits requires adapting legacy systems |
| Real‑time card‑type detection in checkout | Does not contain personal data about the cardholder |