Card Production and Provisioning – Logical
Card Production and Provisioning - Logical Security Requirements
This standard provides the logical security requirements for card production and provisioning functions to protect payment card data. They address the logical security activities associated with card production and provisioning such as data preparation, pre-personalization, card personalization, and PIN generation. It also includes the logical security requirements for entities that:
- Perform cloud-based or secure element (SE) provisioning services
- Manage over-the-air (OTA) personalization, lifecycle management, and preparation of personalization data
- Manage associated cryptographic keys, mailers, and card carriers and distribution
Important Information
Intended Audience
For entities that perform card production and provisioning activities at the request of the payment brands, including data preparation, pre-personalization, card personalization, PIN generation, PIN mailers, and card carriers and distribution, cloud-based or secure element provisioning services; managing over-the-air (OTA) personalization, lifecycle management, preparation of personalization data; and managing associated cryptographic keys.
Card Production and Provisioning - Logical Security Requirements Documents
Find all of the related documents in the PCI SSC Document Library.
Listings & Professionals
There is no product listing for Card Production and Provisioning – Logical Security Requirements.
Card Production Security Assessors–Logical (CPSA-L) are qualified and trained by PCI SSC to perform independent assessments of card production environments against the Card Production and Provisioning–Logical Security Requirements and in accordance with the CPSA Program Guide.
Resources
Training Information
The Payment Card Industry Professional is an individual, entry-level certification in payment security information and provides you with the understanding to help your organization build a secure payment environment. Becoming a PCIP demonstrates a level of understanding that can provide a strong foundation for a career in the payments security industry.
Knowledge Training courses are designed to bridge the knowledge gap between organizations and assessors by providing learning opportunities for individuals to take the same training and exam as the Assessor. Upon successful completion of training, learners will be given an acknowledgement of completion as well as the option to complete the exam and receive a digital badge.
Get your team trained together! We are pleased to offer all our PCI training programs as either in-person or remote Instructor-led eLearning. Learn directly from an instructor with hands-on experience in the field of payments security. Your organization will receive all the benefits of an instructor-led training class, at a time and place most convenient for you and your staff.
Compliance programs for all PCI SSC standards are managed by the payment brands. Questions about which entities need to validate compliance to any PCI SSC standard, or whether use of a PCI-listed product is required and for which entities, should be referred to the payment brands. Contact information for the payment brands is in FAQ #1142.
