Frequently Asked Question

The Card Production Logical and Physical Security Requirements were published by PCI SSC in 2013, and are intended to provide manufacturers and producers of payment cards with a comprehensive resource of security requirements for card production activities. The Card Production Logical and Physical Requirements are separate standards in their own right, and are not subsets of PCI DSS, PA-DSS, or any other PCI standard. 

These security requirements were previously managed separately by each payment brand, and they have now have been aligned to provide a single set of criteria that is recognized across the industry.  Any queries about assessment of card production facilities should be directed to the payment brands, as they are responsible for defining and managing compliance programs associated with the Card Production Security Requirements.   Payment brand contact details can be found in FAQ #1142: How do I contact the payment card brands?.