Document Comparison

PCI_Card_Production_Physical_Security_Requirements_2013.pdf PCI_Card_Production_Physical_Security_Requirements_v1-1_March_2015.pdf
92% similar
50 → 53 Pages
17033 → 18197 Words
80 Content Changes

Content Changes

80 content changes. 47 administrative changes (dates, page numbers) hidden.

Added p. 3
March 2015 1.1 PCI Enhancements for clarification
Added p. 6
Unless otherwise stated, all data and information that is required to be stored must be stored for a minimum of 24 months.
Added p. 16
g) Emergency exit doors must not be capable of being opened from the outside.

h) Emergency exits must not lead to a higher security area.
Added p. 19
q) Mechanisms must be in place to prevent observation of security equipment (e.g., CCTV monitors) inside the security control room. For example, by covering all security control room windows with a one-way mirror film or other material preventing viewing from outside

e) Equipment that is purely associated with test activities is not allowed in the HSA.

f) The motion detector must generate an alarm if movement is detected inside the HSA or rooms within the HSA when the access-control system indicates (e.g., the software counter is zero - nobody registered in the room) the room is not occupied.

i) If the access-control server is not located in the security control room it must be located in a room of equivalent security. The access-control server cannot be located in the HSA

3.3.4.2 Person-by-Person Access Control and Anti-pass-back Software Function

c) If the HSA contains fire doors and these doors are normally closed or can be manually closed, …
Added p. 23
b) Vaults must be constructed of reinforced concrete (minimum 15 centimeters or 6 inches) or at least meet the Underwriters Laboratories Class I Burglary Certification Standard, which provides for at least 30 minutes of penetration resistance to tool and torch for all perimeter surfaces - i.e., vault doors, walls, floors and ceilings. o An outside wall of the building must not be used as a wall of the vault. o If the construction of the vault leaves a small (dead) space between the vault and the outside wall, this space must be constantly monitored for intrusion - e.g., via motion sensors o No windows are permitted. o There must be no access to the vault except through the vault doors and gate configurations meeting these requirements. The vault must be protected with sufficient number of shock detectors to provide full coverage of the walls, ceiling, and floor. o The vault must be fitted with …
Added p. 36
The review must be signed and dated as part of the log.
Added p. 38
b) Used tipping foil must be removed from the machine during non-production hours

d) When destroyed the results must be non-readable and non-recoverable
Added p. 42
• A GPS tracking device is used and monitored during transport from within the security control room.

• The contents are secured with tamper-evident straps and checked upon delivery.

• The vehicle is loaded using dual control and locked during transport.

• Vehicle drivers do not have a key or access to contents.

• Two persons are in the vehicle equipped with a device to communicate with the security control room

2 Issuer consent must be a letter signed by a corporate officer indicating the destination of the card shipment and acceptance of complete and total liability for any loss, theft, or misplacement of the cards.
Added p. 44
Electronic distribution of PINs may occur on the same day in accordance with the Logical Security Requirements - Section 10.

b) The vendor must only utilize a courier service that assigns a unique tracking number for each package. A tracking system in conjunction with the tracking number must enable the vendor to identify the successful completion of delivery milestones and exception conditions during the delivery process commencing with initial pick-up and ending with delivery.
Added p. 50
Area Area is an unenclosed space, with the exception of the HSA.

Armored Vehicle The armored vehicle is designed to protect and ensure the well-being of the transported individuals and contents. These vehicles are designed to resist attempts at robbery or hijacking through the use of bullet-resistant glass and reinforced shell/cab to protect both occupants and cargo.

Dual Presence Two or more individuals are in the HSA as a whole. This does not supplant or replace any requirements for dual control. For example if three people are in the HSA, and two go into a room that requires dual control, the requirement for dual presence in the HSA as a whole is still met.

HSA Rooms HSA rooms are enclosed spaces with controlled access in production facilities where card products, components, or data are stored or processed, and are where card-production activities occur.
Added p. 52
f) Hologram and signature panel hot stamping

Non-Personalized Cards Cards that have been through the personalization process and have account data embossed or printed on the card and/or chip and magnetic stripe according to the scheme's rules but are not associated with a cardholder.

d) Indent printing

Personalized Cards Cards that have been through the personalization process and are associated with an individual person. That person's name may be encoded, embossed, or printed on the card and/or chip and magnetic stripe according to the scheme's rules.

Security Components Security features that protect the card and may vary from payment brand to payment brand - e.g., holographic materials, signature panels, indent-printing modules when not installed.
Modified p. 1
Payment Card Industry (PCI) Card Production Physical Security Requirements Version 1.0
Payment Card Industry (PCI) Card Production Physical Security Requirements Version 1.1
Modified p. 6
• Card manufacturing • Magnetic-stripe card encoding and embossing • Card personalization • Chip initializing or pre-personalization • Chip embedding • Chip personalization • Card storing • Shipping This document defines the physical security requirements developed by PCI Security Standards Council (PCI SSC).
• Card Manufacturing • Chip embedding • Personalization • Packaging • Shipping or delivery • Fulfillment This document defines the physical security requirements developed by PCI Security Standards Council (PCI SSC).
Modified p. 6
The individual payment brands are responsible for defining and managing compliance programs associated with these requirements Contact the Payment Brand(s) of interest for any additional criteria.
The individual payment brands are responsible for defining and managing compliance programs associated with these requirements. Contact the Payment Brand(s) of interest for any additional criteria.
Modified p. 8
c) Access cards must be programmed only for the access required based on job 2.1.3.4 ID Badge or Access Card Usage
c) Access credentials (which may be the ID badge) must be programmed only for the access required based on job function.
Modified p. 8
a) The access control system must grant access to employees only during authorized working hours, and only to those areas required by the employee’s job functions.
a) The access-control system must grant access to employees only during authorized working hours, and only to those areas required by the employee’s job functions.
Modified p. 13
c) If the security pass or ID badge is the access control type that enables a record to be kept of the visitor’s movement throughout the facility, the visitor must be instructed on its proper use. o The vendor must program the visitor access badge or card to activate all card readers located in the areas that the visitor is authorized to enter. o Unissued visitor access badges must be securely stored. o Visitors must use their access card in …
c) If the security pass or ID badge is the access-control type that enables a record to be kept of the visitor’s movement throughout the facility, the visitor must be instructed on its proper use. o The vendor must program the visitor access badge or card to activate all card readers located in the areas that the visitor is authorized to enter. o Unissued visitor access badges must be securely stored. o Visitors must use their access card in the …
Modified p. 15
d) Fitted with an access control device (i.e., card reader or biometric) that automatically activates the locking mechanism
d) Fitted with an access-control device (i.e., card reader or biometric) that automatically activates the locking mechanism
Modified p. 16
f) During non-business hours, the activation of an emergency exit alarm must summon the local police or a guard response directed by central monitoring service or on-site security control.
f) During non-business hours, the activation of an emergency-exit alarm must summon the local police or a guard response directed by central monitoring service or on-site security control.
Modified p. 18
f) Ensure that the software counter registering the in and out card transactions in the access control system logs the card transactions at the end of an access cycle (activation of the card reader with the access card, opening and closing of the door).
f) Ensure that the software counter registering the in and out card transactions in the access-control system logs the card transactions at the end of an access cycle (activation of the card reader with the access card, opening and closing of the door).
Modified p. 18
i) Fit the door with an automatic closing device. The opening of the door for more than 30 seconds must automatically activate a sound alarm. The access control system must be programmed, whereby access is on a person-by-person basis and restricted to authorized personnel only.
i) Fit the door with an automatic closing device. The opening of the door for more than 30 seconds must automatically activate a sound alarm. The access-control system must be programmed, whereby access is on a person-by-person basis and restricted to authorized personnel only. Person-by-person access may be fulfilled through a procedural control.
Removed p. 19
q) Cover all security control room windows with a one-way mirror film or other material preventing viewing from outside.
Modified p. 19
l) Ensure that the badge access control monitor permanently displays the access card transactions on a real-time basis. Guards must be able to cross-check the access control records with the CCTV images.
l) Ensure that the badge access-control monitor permanently displays the access card transactions on a real-time basis. Guards must be able to cross-check the access-control records with the CCTV images.
Modified p. 19
m) Train guards in the security control room in the effective use of badge access control system and CCTV system facilities.
m) Train guards in the security control room in the effective use of badge access-control system and CCTV system facilities.
Modified p. 19
s) Ensure that when the room is used for reception control, the conditions outlined in
s) Ensure that when the room is used for reception control, the conditions outlined in Section 3.3.1, “Reception,” apply.
Modified p. 19
a) At a minimum, the following activities must take place only in an HSA: o Manufacturing o Chip embedding o Personalization o Packaging o Shipping or delivery o Fulfillment
a) At a minimum, the following activities must take place only in an HSA: o Card manufacturing o Chip embedding o Personalization o Packaging o Shipping or delivery o Fulfillment
Removed p. 20
f) The motion detector must generate an alarm if movement is detected inside the security control room when the software counter is zero (nobody registered in the room) and generate an alarm if no movement is detected inside the room when the software counter is greater than zero (at least one person registered inside the room).
Modified p. 20
a) Access to the HSA must be restricted to authorized persons through an access control system, working on a strict person-by-person basis.
a) Access to the HSA must be restricted to authorized persons through an access-control system, working on a strict person-by-person basis.
Modified p. 20
b) Access control systems must: o Always be connected to the computer that monitors and logs all staff and visitor movements. o Prevent employees from piggybacking o Enforce person-by-person access. o Implement anti-pass-back mechanisms o Enforce dual presence. If the number of personnel is less than two for more than a minute, the alarm must be activated
b) Access-control systems must: o Always be connected to the computer that monitors and logs all staff and visitor movements. o Prevent employees from piggybacking o Enforce person-by-person access. o Implement anti-pass-back mechanisms o Enforce dual presence. If the number of personnel is less than two for more than a minute, the alarm must be activated
Modified p. 20
c) The vendor must program the software access control system, whereby access is on a person-by-person basis and restricted to authorized personnel.
c) The vendor must program the software access-control system, whereby access is on a person-by-person basis and restricted to authorized personnel.
Modified p. 20
d) The access control system must activate the alarm system each time the last person leaves the HSA.
d) The access-control system must activate the alarm system each time the last person leaves the HSA.
Modified p. 20
g) The warning must be a local sound alarm. Additionally, after working hours, a simultaneous alarm to the local external security company or local police must occur.
g) The warning must be a local sound alarm and notification (silent alarm) within the security control room. Additionally, after working hours, a simultaneous alarm to the local external security company or local police must occur.
Modified p. 20
h) No one is allowed to bring personal items (for example, packages, lunch containers, purses) or any electronic devices (including but not limited to mobile telephones, photo cameras, and PDAs), into the high security area.
h) No one is allowed to bring personal items (for example, packages, lunch containers, purses) or any electronic devices (including but not limited to mobile telephones, photo cameras, and PDAs), into the high security area. Medical items such as medications and tissues are acceptable if in clear containers that can be examined. No food or beverages are allowed.
Modified p. 21
i) Emergency exits must be fitted with local audible alarms and monitored 24 hours a day and also must display a sign indicating “emergency exit door with alarm.” 3.3.4.5 Minimum Number of Persons Whenever any room within the HSA is occupied, it must contain a minimum of two authorized employees. This must be enforced by the access control system.
i) Emergency exits must be fitted with local audible alarms and monitored 24 hours a day and also must display a sign indicating “emergency exit door with alarm.” 3.3.4.5 Minimum Number of Persons Whenever any room within the HSA is occupied, it must contain a minimum of two authorized employees. This must be enforced by the access-control system.
Modified p. 22
j) All waste material from the PIN printing process must be destroyed as defined in Section 4, “Production Procedures and Audit Trails.” 3.3.5.5 Server Room & Key Management Room
j) All waste material from the PIN printing process must be destroyed as defined in Section 4, “Production Procedures and Audit Trails.”
Modified p. 22 → 23
a) Server processing and key management must be performed in a separate room within the personalization HSA.
a) Server processing and key management must be performed in a separate room within the personalization HSA. Data preparation must occur here. Server processing and key management may occur in the same room or each in a separate room
Removed p. 23
b) Vaults must be constructed of reinforced concrete (minimum 15 cm or 6 inches) or materials that provide equivalent strength and durability. o An outside wall of the building must not be used as a wall of the vault. o No windows are permitted. o There must be no access to the vault except through the vault door and gate configuration. o The vault must be protected with sufficient number of shock detectors to provide full coverage of the walls, ceiling, and floor. o The vault must be fitted with a main steel-reinforced door with a double mechanical or logical dual-locking mechanism that requires physical and simultaneous dual-control access. The access mechanism requires that access occurs under dual control and does not allow entry by a single individual - i.e., it is not feasible for a single individual to use credentials belonging to someone else to simulate dual access.

i) If the vault …
Modified p. 23
a) The following must be stored in the vault: o Cards awaiting personalization o Security components o Materials awaiting destruction o Samples and test cards prior to distribution and after return o Any card that is personalized with production data o If the facility is closed, personalized cards that will not be shipped within the same working day, otherwise they may be stored in WIP area o Products awaiting return to the supplier
a) The following must be stored in the vault: o Cards awaiting personalization o Security components o Materials awaiting destruction o Samples and test cards prior to distribution and after return o Any card that is personalized with production data o If the facility is closed, personalized cards that will not be shipped within the same working day. o Products awaiting return to the supplier.
Modified p. 23 → 24
d) If the vault door is required to remain open during production hours, an inner grille must be used. The vault door or inner grille must remain closed and locked at all times, except when staff require access to the vault for example to store or remove items. The inner grille must be fitted with a dual-control locking mechanism or access reader.
d) If the vault door is required to remain open during production hours, an inner grille must be used. The vault door or inner grille must remain closed and locked at all times, except when staff require access to the vault for example to store or remove items. The inner grille must meet the same access-control criteria as other rooms within the HSA.
Modified p. 23 → 24
g) Card components being taken in or out must be recorded in a vault log and confirmed by at least two employees.
h) Card components being taken in or out must be recorded in a vault log and confirmed by at least two employees.
Modified p. 23 → 24
h) Maintenance of these audit control logs is mandatory as defined in Section 4.7.2, “Vault Audit Controls.” These logs must be retained for the longer of five years or the oldest card in the vault.
i) Maintenance of these audit control logs is mandatory as defined in Section 4.7.2, “Vault Audit Controls.” These logs must be retained for the longer of five years or the oldest card in the vault.
Modified p. 24
j) All boxes with payment cards must be sealed, and a label describing the product type, a unique product identifier number, the quantity of cards contained in the box and the date of control must be attached to the boxes and visible behind the sealing transparent film.
k) All boxes with payment cards must be sealed, and a label describing the product type, a unique product identifier number, the quantity of cards contained in the box and the date of control must be attached to the boxes and be visible
Modified p. 24
k) Vault storage must be organized so that it is possible to identify the location of any stock item within the vault.
l) Vault storage must be organized so that it is possible to identify the location of any stock item within the vault.
Modified p. 24
l) CCTV surveillance is mandatory and must cover the entire area, ensuring that there are no blind spots.
m) CCTV surveillance is mandatory and must cover the entire area, ensuring that there are no blind spots.
Modified p. 24 → 25
e) The inner shipping/delivery area door must be protected by an in and out access control system that monitors the movement of individuals.
e) The inner shipping/delivery area door must be protected by an in and out access-control system that monitors the movement of individuals.
Modified p. 25
h) To liberate a person detected inside the room and stop the alarm, the software monitoring the access control system must only allow the opening of the last activated door. A logical (software) and physical (alarm report book) log of the event must permanently be kept.
h) To liberate a person detected inside the room and stop the alarm, the software monitoring the access-control system must only allow the opening of the last activated door. A logical (software) and physical (alarm report book) log of the event must permanently be kept.
Modified p. 25 → 26
d) The alarm activation and deactivation must be checked and confirmed by an electronic device, guards, private security company, or local police force to ensure that the pre-arranged alarm time settings have been respected. The alarm deactivation process must allow for the generation of a fast, silent alarm in case of threat. o A specific procedure must be established to ensure quick corrective action in case an alarm is not activated in accordance with pre-arranged alarm time settings.
d) The alarm activation and deactivation must be checked and confirmed by an electronic device, guards, private security company, or local police force to ensure that the pre-arranged alarm time settings have been respected. The alarm deactivation process must allow for the generation of a fast, silent alarm in case of threat. o A specific procedure must be established to ensure quick corrective action in case an alarm is not activated in accordance with pre-arranged alarm time settings. o …
Modified p. 26
b) The badge access system must log sufficient information to produce the daily card activity reports detailed below: o Card reader o Card reader status o Card identification o Date and time of access o Access attempts results o Unauthorized attempts o Anti-pass-back violation and corrective actions taken o Badge access system changes describing:
b) The badge access system must log sufficient information to produce the daily card activity reports detailed below: o Card reader o Card reader status o Card identification o Date and time of access o Access attempts results
Modified p. 26 → 27
b) Passwords are changed at least every 30 days.
b) Passwords are changed at least every 90 days.
Modified p. 27
j) Access control system data must be backed up on a weekly basis.
j) Access-control system data must be backed up on a weekly basis.
Modified p. 27
d) Employee entrances 3.4.3.2 Activation
d) Employee entrances
Modified p. 28 → 29
c) The security manager must conduct a quarterly review of: o The key logbook o The list of employees authorized to hold keys o The locks each key operates
c) For keys that allow access to sensitive materials, the security manager must conduct a quarterly review of: o The key logbook o The list of employees authorized to hold keys o The locks each key operates
Modified p. 29
c) Both the digital recording and access control systems must be synchronized with real time. The synchronization of the systems must be within two seconds of one another.
c) Both the digital recording and access-control systems must be synchronized with real time. The synchronization of the systems must be within two seconds of one another.
Modified p. 29
b) CCTV cameras must continuously monitor and record all activity, including being able to record events during dark periods through the use of infrared CCTV cameras or automatic activation of floodlights in case of any detected activity.
b) CCTV cameras must record all activity, including recording events during dark periods through the use of infrared CCTV cameras or automatic activation of floodlights in case of any detected activity. This recording may be via motion activation. The recording must continue for at least 10 seconds after the last motion has been detected. The recording must capture any motion at least 10 seconds before and after the detected motion.
Modified p. 29 → 30
a) CCTV images must be kept for at least 90 days and must be backed up daily.
a) CCTV images must be kept for at least 90 days and must be backed up daily. Both primary and backup copies must exist for a minimum of 90 days.
Modified p. 29 → 30
b) The backup recording must be stored in a separate, secure location within the facility and must ensure segregation of duties between the users and administrators of the system.
b) The backup recording must be stored in a separate, secure location within the facility and must ensure segregation of duties between the users and administrators of the system. Backups may also be stored in other facilities via techniques such as disk mirroring, provided the storage is secure in accordance with these requirements.
Modified p. 30
a) A semi-annual inspection must be conducted on all security devices and hardware including but not limited to: o Alarm system o Access control system o Window and door contacts o Glass-break detectors o Emergency door alarms o Passive infrared detectors o Microwave sensors o Silent duress buttons o CCTV monitors o CCTV image recorders
a) A semi-annual inspection must be conducted on all security devices and hardware including but not limited to: o Alarm system o Access-control system o Window and door contacts o Glass-break detectors o Emergency door alarms o Passive infrared detectors o Microwave sensors o CCTV monitors o CCTV image recorders
Modified p. 33 → 34
c) Sheets printed with the payment system brand or issuer design must not be used as set-up sheets.
c) Sheets printed with the payment system brand or issuer design must not be used as set-up sheets unless clearly marked void over the payment-system brand/issuer design.
Modified p. 33 → 35
b) All card products and components - both good and rejected, including samples counted and reconciled prior to any transfer of responsibility.
b) All card products and components - both good and rejected, including samples - must be counted and reconciled prior to any transfer of responsibility.
Modified p. 34 → 36
n) The exact quantity of components must be counted and registered in the inventory book before vault storage.
n) The exact quantity of card components must be counted and registered in the inventory book before vault storage.
Modified p. 34 → 36
p) The component inventory log must include but is not limited to: o The reel number or equivalent control that provides unique identification. o Date of usage o Customer job number o Number of images or modules placed on cards o Number of rejected images or modules from header and trailer scrap o Number of and reason for rejected images
p) The card component inventory log must include but is not limited to: o The reel number or equivalent control that provides unique identification. o Date of usage o Customer job number o Number of images or modules placed on cards o Number of rejected images or modules from header and trailer scrap o Number of and reason for rejected images
Modified p. 34 → 36
q) Components must be removed from the machine and locked within a secure container when not in use.
q) Card components must be removed from the machine and locked within a secure container when not in use.
Modified p. 34 → 36
r) Components must be returned to the vault during non-production hours.
r) Card components must be returned to the vault during non-production hours.
Modified p. 34 → 36
s) Rejected components awaiting return for credits must be maintained under dual control.
s) Rejected card components awaiting return for credits must be maintained under dual control.
Modified p. 36 → 38
d) For accounts/envelopes, include: o Number of accounts o Number of card carriers printed o Number of carriers wasted o Number of envelopes o Number of envelopes wasted o Operator name and signature o Supervisor or auditor name and signature
d) For accounts/envelopes, include: o Number of accounts o Number of card carriers printed o Number of carriers wasted o Number of envelopes that contain cards o Operator name and signature o Supervisor or auditor name and signature
Modified p. 36 → 38
a) The vendor must shred completely used tipping foil reels containing cardholder information as follows: o In-house,
a) The vendor must shred completely used tipping foil reels containing cardholder information as follows: o In-house, o Under dual control, and o The destruction can occur as frequently as the vendor deems necessary but - in all cases - weekly at a minimum. The vendor must maintain proper controls over these materials at all times prior to destruction, and the destruction must occur within the HSA.
Modified p. 37 → 38
b) Prior to being shredded, the reels must be stored within the HSA under dual access control.
c) Prior to destruction - e.g., shredding - the foil must be stored within the HSA under dual access control.
Modified p. 37 → 39
c) An inventory of the number of used reels must be maintained and reconciled with the number of reels shredded.
e) An inventory of the number of used reels must be maintained and reconciled with the number of reels shredded.
Modified p. 37 → 39
d) A log, pre-numbered and bound, of the destruction of the foil must be maintained and include at a minimum: o Number of reels o Date and time o Written initials of both individuals who witnessed the destruction 4.8.3 Indent Printing Module The vendor must:
f) A log, pre-numbered and bound, of the destruction of the foil must be maintained and include at a minimum: o Number of reels - partial or full. All used foil must be accounted for and destroyed. o Date and time o Written initials of both individuals who witnessed the destruction 4.8.3 Indent Printing Module The vendor must:
Modified p. 37 → 39
a) Use indent-printing modules only for payment system cards.
a) Use payment system proprietary type faces within indent-printing modules only for payment system cards.
Modified p. 37 → 39
b) Destroy, under dual control, modules that are no longer to be used.
b) Destroy, under dual control, payment system proprietary type faces within indent-printing modules that are no longer to be used.
Modified p. 38 → 40
e) Destruction must be carried out in as defined in the high security area.
e) Destruction must be carried out in a separate room as defined in 3.3.5.3.
Modified p. 39 → 41
iv. Name, e-mail address, and telephone number of the person reporting the loss or
iv. Name, e-mail address, and telephone number of the person reporting the loss or theft
Modified p. 40 → 42
Type of Delivery Card Volume Destination Personalized Cards

• Individual Mail Individual Package Cardholder Courier Unlimited Issuer, an approved vendor, or (with written issuer1 and VPA consent) to another destination Secure Shipment Unlimited Issuer, an approved vendor, or (with written issuer1 and VPA consent) to another destination Personalized Cards

• Mail Not allowed Courier Unlimited Issuer, an approved vendor, or (with written issuer1 and VPA consent) to another destination Secure Shipment Unlimited Issuer, an approved vendor, or (with written issuer1 and VPA …
Type of Delivery Card Volume Destination Personalized Cards

• Individual Mail1 Individual Package Cardholder Courier Unlimited Issuer, an approved vendor, or (with written issuer2 and VPA consent) to another destination Secure Shipment Unlimited Issuer, an approved vendor, or (with written issuer2 and VPA consent) to another destination Personalized Cards

• Mail Not allowed Courier Unlimited Issuer, an approved vendor, or (with written issuer2 and VPA consent) to another destination Secure Shipment Unlimited Issuer, an approved vendor, or (with written issuer2 and VPA …
Removed p. 42
d) PIN mailers and cards must be mailed separately, a minimum of two days apart.
Modified p. 42 → 44
a) Personalized cards must be placed in envelopes that are nondescript and the same size and color as other envelopes with which they may be presorted or delivered to the postal service.
a) Personalized cards must be placed in envelopes that are nondescript (e.g., envelopes must not contain any brand marks) and the same size and color as other envelopes with which they may be presorted or delivered to the postal service.
Removed p. 43
b) The courier service must provide a manifest and electronic tracking system.
Modified p. 43 → 45
c) The documentation must include, but is not limited to: o The type of each card o The quantity per card type o The job number(s) o The date of shipment o The date of receipt o Name of receiving organization o Name and signature of person receiving the cards
c) The vendor must ensure packages sent by courier service contain a manifest prepared by the vendor that describes the package contents and enables content-verification upon receipt. The manifest prepared by the vendor must include but is not limited to: o The type of each card o The quantity per card type o The job number(s) o The date of shipment o The date of receipt o Name of receiving organization o Name and signature of person receiving the cards
Modified p. 49 → 52
f) Hologram and signature panel hot stamping Personalization The process of applying the cardholder-specific data to the card, uniquely tying the card to a given cardholder and account. This includes encoding the magnetic stripe, embossing the card (if applicable), and loading data on to the chip.
Personalization The process of applying the account and, when required for the product, cardholder-specific data to the card, uniquely tying the card to a given account. This includes encoding the magnetic stripe, embossing the card (if applicable), and loading data on to the chip.
Modified p. 49 → 52
d) Indent printing Pre-personalization The process of replacing a transport key on a chip with an issuer-specific key and (optionally) activating the application.
Pre-personalization (Chip Initialization) The process of replacing a transport key on a chip with an issuer-specific key and (optionally) activating the application.