Efficient Pre-Personalization of PKI Cards and USB Tokens. Generate and store PIN and PUKs in one single step

Simple Pre-Personalization of PKI Cards, Generation of PUKs and PIN in One Step

PrivacyPUK allows to pre-personalize PKI cards and USB tokens in one simple step. PrivacyPUK generates PIN and PUKs (PIN Unblock Codes), stores them onto the card and prints a PIN-Mailer that can be handed over to the end-user of the card. The PUKs are encrypted and stored in a database. The help desk personnel can easily access the PUKs whenever needed.

PrivacyPUK provides the following functions:

  • Pre-personalize cards/tokens with PIN, PUKs and security parameters
  • Retrieve and manage PUKs
  • Key and access management for the PUK database

Pre-personalize cards/tokens
The pre-personalization process generates PIN and PUKs, based on the security policy of the organization. These values are being written onto the card. A configurable PIN-Mailer is printed at the same time. This PIN-Mailer should contain at least the new card PIN. The PUK values are also stored in the PrivacyPUK database.

All the critical parameters are configurable. These are e.g. length and complexity of PIN and PUK values, the number of PUKs and the PIN error counter. This counter defines how many wrong PIN entries are accepted before the card is blocked. The PIN Mailer is also configurable. With a template – generated with MS Word – the fixed and variable content of the printout can be easily customized.

Retrieve and manage PUKs
The PUKs must be used in the predefined sequence. The helpdesk can easily lookup the next PUK, if a user has blocked his or her card.

Key and access management for the PUK database
PrivacyPUK boosts comprehensive security features. The access to the database can be secured with a key. The PUKs can be encrypted before stored in the database. To control access and encryption, a set of keys can be defined by the administrator. The keys are stored onto a chip card or are entered manually on demand.

Systems requirements

PrivacyPUK is a Windows application (Windows 7 and 8). Two card readers or USB-Tokens are required. One for the license or key card and the other for the card/token to be personalized.

PrivacyPUK supports tokens/cards from Atos (CardOS 4.4 and 5) and Gemalto/SafeNet (330, 400, iKey2032, 4000 and 4100).

PrivacyPUK Flyer


More information


November 1, 2019
Feitian, as the worlding leading identification service provider, has released a series of QR Code Tokens – OTP c603, c610 and c620 (to be published), with the objective of securing users’ identities and bank transactions.
Read more
December 17, 2018
Ergonomics now distributes the AirID2, the innovative Bluetooth reader from the German IT security specialist certgate. The wireless card reader in the credit card format fits perfectly into the range of security and authentication solutions of Ergonomics, with which it is of course also compatible.
Read more
November 28, 2017
Feitian Logo
Leveraging IDEX's market leading off-chip biometric sensor technology, Feitian has developed a contact and contactless smart card for use in a variety of government ID, access control and payment use cases. The rapid card prototyping has been enabled by the provision of a complete biometric module from IDEX.
Read more
August 24, 2017
Thales Logo
Thales, a leader in critical information systems, cybersecurity and data security, announces its nShield XC hardware security modules (HSMs) and Vormetric Application Encryption solution are now certified to Federal lnformation Processing Standard (FIPS) 140-2. Validation to FIPS 140-2 is a mandated requirement in many industry and government sectors and is a frequently stated best practice for organizations seeking to protect sensitive data.
Read more

Contact |


+41 58 311 1000



Headquarters Zürich

Ergonomics AG | Nordstrasse 15 | CH-8006 Zürich | Switzerland