Try enabling the "Prevent Change" option in the User Based Policy. This hides the change password button and I would expect also the change PIN button.
Thanks for the response. I do have passwords completely turned off to force PKI but it is a proprietary system so a DE initiated PIN reset may break a user's access. I did try your suggestion but it had no effect on the change pin option.