What are commissioning cards?
Ingenico have devised a system that provides dual control and traceability of who enabled the card reader and pinpad. The system is built around a "Commissioning kit" of two smartcards, each with its own PIN. One card is sent to each of the two individuals nominated by the purchaser of the equipment, and each cardholder's PIN is sent by e-mail directly to that cardholder, so two people each hold one card and one PIN. The equipment is shipped with the tamper switches free, so before the card reader and pinpad can be used the tamper switches must be depressed (as they would be in the final enclosure, i.e. a kiosk or pay machine); the two cards are then presented in turn to make the equipment usable, or "commissioned". Every time the card reader and pinpad are removed from the enclosure the tamper switches are released and the equipment must be commissioned again.
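The following is an added, illustrative model of the dual-control commissioning procedure described above. It is not Ingenico's firmware or the protocol of their commissioning kit; the card IDs, PINs, holder names and the PIN-hashing scheme are constructed for the example. It shows the checks a practitioner would expect such a procedure to enforce: the tamper switches must be depressed, each card and PIN must verify, the two cards must be different, and releasing the switches decommissions the unit and clears any half-completed commissioning, with every step written to an audit log that records who and when.

```python
"""Model of dual-control commissioning for an unattended card reader.

Illustrative only: not Ingenico's implementation. Card IDs, PINs and
holder names below are constructed sample data.
"""
from dataclasses import dataclass, field
from datetime import datetime, timezone
import hashlib
import hmac


def _pin_hash(card_id: str, pin: str) -> str:
    """Hash the PIN with the card ID as domain separation so the model
    never stores a PIN in clear (a real device would use its secure element)."""
    return hashlib.sha256(f"{card_id}:{pin}".encode()).hexdigest()


@dataclass
class CommissioningKit:
    """Two cards, each bound to a named holder and a PIN hash (hypothetical)."""
    cards: dict  # card_id -> (holder_name, pin_hash)

    @classmethod
    def issue(cls, holders: dict) -> "CommissioningKit":
        """holders: card_id -> (holder_name, pin). Constructed sample input."""
        return cls({cid: (name, _pin_hash(cid, pin)) for cid, (name, pin) in holders.items()})

    def verify(self, card_id: str, pin: str) -> bool:
        entry = self.cards.get(card_id)
        if entry is None:
            return False
        return hmac.compare_digest(entry[1], _pin_hash(card_id, pin))


@dataclass
class Terminal:
    kit: CommissioningKit
    tamper_switches_depressed: bool = False
    commissioned: bool = False
    audit_log: list = field(default_factory=list)
    _pending: dict = field(default_factory=dict)  # cards accepted so far this attempt

    def _log(self, event: str, **detail):
        self.audit_log.append({"ts": datetime.now(timezone.utc).isoformat(),
                               "event": event, **detail})

    def install(self):
        """Fitting the unit into the enclosure depresses the tamper switches."""
        self.tamper_switches_depressed = True
        self._log("tamper_switches_depressed")

    def remove(self):
        """Removal releases the switches: the unit is decommissioned at once and
        any partially completed commissioning is discarded."""
        self.tamper_switches_depressed = False
        self.commissioned = False
        self._pending.clear()
        self._log("tamper_switches_released")

    def present_card(self, card_id: str, pin: str) -> str:
        """One cardholder presents a card and PIN. Returns a status string."""
        if not self.tamper_switches_depressed:
            self._log("commission_rejected", reason="tamper switches not depressed", card=card_id)
            return "rejected: tamper switches not depressed"
        if not self.kit.verify(card_id, pin):
            self._log("commission_rejected", reason="bad card or PIN", card=card_id)
            return "rejected: bad card or PIN"
        if card_id in self._pending:
            # Dual control means two different people, not one card twice.
            self._log("commission_rejected", reason="same card presented twice", card=card_id)
            return "rejected: second card must be different"
        holder = self.kit.cards[card_id][0]
        self._pending[card_id] = holder
        self._log("card_accepted", card=card_id, holder=holder)
        if len(self._pending) < 2:
            return "first card accepted; awaiting second card"
        self.commissioned = True
        # Traceability: record who commissioned the unit and when.
        self._log("commissioned", by=sorted(self._pending.values()))
        self._pending.clear()
        return "commissioned"

    def can_accept_payments(self) -> bool:
        return self.commissioned and self.tamper_switches_depressed

    def commissioning_events(self) -> list:
        return [e for e in self.audit_log if e["event"] == "commissioned"]


if __name__ == "__main__":
    kit = CommissioningKit.issue({"CARD-A": ("Alice", "1234"), "CARD-B": ("Bob", "5678")})
    t = Terminal(kit)
    print(t.present_card("CARD-A", "1234"))   # rejected: switches not depressed
    t.install()
    print(t.present_card("CARD-A", "1234"))   # first card accepted
    print(t.present_card("CARD-B", "5678"))   # commissioned
    t.remove()
    print(t.can_accept_payments())            # False again after removal
```

The point of the model is the ordering of the checks: the tamper state is tested before any credential, so a unit that has been lifted out of its kiosk can never be brought back into service by the cards alone, and the audit entries name both holders so the "who and when" question can be answered from the log.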
Why are commissioning cards necessary?
The current PCI PTS requirements state that hardware accepting card data in an unattended environment must have an anti-removal mechanism (tamper switches) and a re-installation procedure that uses dual control and records who enabled the equipment and when, so that pinpads and card readers can only be used once installed by authorised personnel. In practice this means that pinpads and card readers need a system that can demonstrate who commissioned the equipment, and when, every time the tamper switches have been released.
Details of the PCI requirements
The PCI PTS Core Physical Security Requirements, requirement A11, state:
This is further explained in the Derived Test Requirements (DTR) and FAQ, which state:
Further, if passwords are used, PCI PTS requires: