What is a BIN/IIN?
A Bank Identification Number (BIN), formally known as the Issuer Identification Number (IIN) under ISO/IEC 7812, is the first 6-8 digits of a payment card number that identifies the issuing institution and the card scheme. As of April 2022, IINs migrated from 6 to 8 digits to expand allocation capacity. BIN/IIN drives card scheme routing, interchange determination, fraud risk scoring, and product-level features.
What BIN reveals
- Card scheme: Visa (starts 4), Mastercard (51-55, 2221-2720), American Express (34, 37), Discover (6011, 65), JCB (35), UnionPay (62), Troy (9792).
- Issuer: specific bank or financial institution.
- Country of issuance: derived from the issuer.
- Card type: credit, debit, prepaid; consumer vs. commercial.
- Product tier: Standard, Gold, Platinum, World, Infinite, Business.
BIN in fintech operations
- Routing: determining the acquirer-issuer path for authorisation.
- Interchange: different BIN ranges carry different interchange fees.
- Fraud scoring: BIN-level historical fraud rates feed risk models.
- BIN attacks: automated card-testing attacks rely on enumerating valid BIN+ranges — detection and rate-limiting are essential.
- Cross-border acceptance: some merchants restrict by BIN country.
Why BINs matter in fintech deals
BIN access is a gating asset in card programs: issuing requires a BIN sponsor (a principal scheme member) unless the fintech holds its own membership and licence, and the sponsorship agreement is the program’s legal backbone — allocating scheme compliance, chargeback liability, settlement flows, reserve requirements and termination mechanics. In diligence on card-issuing startups, the questions are standard: whose BIN, what exclusivity and migration rights, which party owns the cardholder relationship and data, and what happens to live cards if the sponsorship ends. BIN-range data also feeds fraud and routing engines; using it accurately is operationally critical since misidentifying card type or issuer country breaks fee calculations and compliance screening alike.