PIN is an acronym for Personal Identification Number. It is a unique number used for personal authentication, for example when unlocking a phone, paying with a payment card, withdrawing cash, and so on. In most cases, a PIN is only a 4- or 5-digit number so that it is easy to remember.
Where do we use a PIN code? How?
For example, a PIN is used to get access to a system (e.g. phone, tablet, computer, door entry system, etc.).
When we enter a PIN to get access to a door or a shared computer, for instance, we go through a one-step verification, the so-called single-factor authentication. By contrast, when we enter our PIN code to pay by card or to make a withdrawal from an ATM, we go through a so-called two-factor authentication (the first factor is something the person knows, i.e. the PIN code, and the other is something the person has on them, i.e. the payment card).
A PIN is also used in multi-factor authentication. For example, some banks use this method to authenticate payment transactions. In addition to entering a PIN code, the user has to enter a one-time passcode received via SMS. This avoids the risk of misuse of the PIN code if it ever gets into unauthorized hands. If the PIN code and the one-time passcode do not both match for the operation, the transaction is not verified.
Since the PIN code is relatively short, it would be very easy (from the technical point of view) to guess it by simply testing all variants (see strong password). For this reason, systems are usually protected by a limit on the number of PIN entry attempts. After several unsuccessful PIN entries, they get blocked. The account must then either be unblocked by the administrator, or another code must be entered, for example a PUK.
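
The attempt limit and PUK unblock described above, as an added example in Python that is not part of the original page. The class and function names, the limits of 3 PIN attempts and 10 PUK attempts, and the sample codes in the usage are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MAX_PIN_ATTEMPTS = 3    # assumed value; the page only says "several"
MAX_PUK_ATTEMPTS = 10   # assumed value; the page gives no PUK limit


def _digest(secret: str, salt: bytes) -> bytes:
    # Salted hash so the code is not stored in clear. With only 10,000
    # possible 4-digit PINs, the retry counter is the real defence.
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)


class PinGuard:
    """Hypothetical PIN check with a retry counter and PUK unblock."""

    def __init__(self, pin: str, puk: str):
        self._salt = os.urandom(16)
        self._pin = _digest(pin, self._salt)
        self._puk = _digest(puk, self._salt)
        self.pin_tries_left = MAX_PIN_ATTEMPTS
        self.puk_tries_left = MAX_PUK_ATTEMPTS

    @property
    def blocked(self) -> bool:
        return self.pin_tries_left == 0

    def verify(self, candidate: str) -> bool:
        if self.blocked:
            return False  # once blocked, even the correct PIN is refused
        # Count the attempt before comparing, so an interrupted check still costs a try.
        self.pin_tries_left -= 1
        if hmac.compare_digest(_digest(candidate, self._salt), self._pin):
            self.pin_tries_left = MAX_PIN_ATTEMPTS  # success resets the counter
            return True
        return False

    def unblock(self, puk: str) -> bool:
        if not self.blocked or self.puk_tries_left == 0:
            return False
        self.puk_tries_left -= 1
        if hmac.compare_digest(_digest(puk, self._salt), self._puk):
            self.pin_tries_left = MAX_PIN_ATTEMPTS
            self.puk_tries_left = MAX_PUK_ATTEMPTS
            return True
        return False


def guess_success_probability(pin_digits: int, attempts: int) -> float:
    """Chance of guessing a uniformly random PIN within the allowed attempts."""
    return attempts / 10 ** pin_digits
```

With a 4-digit PIN and three attempts, guess_success_probability(4, 3) gives 0.0003, compared with certain success when all 10,000 variants can be tested without a limit.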