Security framework

Banking, payment and eGovernment markets require a certain security level from all manufacturers within the supply chain. The globally most commonly accepted certification framework is the Common Criteria (www.commoncriteriaportal.org).

NedCard has positioned itself with Common Criteria by having obtained the EAL5+ certification for its production sites. This certificate means that customer products do not need any separate approval process for the module assembly when produced at NedCard. Therefore, the NedCard EAL5+ certificate is an integral part of the security certification of the product.

The security certification means that NedCard sites are surrounded by a fence and access is only granted to known parties. Continuous closed-circuit camera surveillance is present at both sites and the recordings are stored according to the local laws. The building includes several areas with different access levels, which are centrally monitored as well.

Additionally, the IT-infrastructure is specifically designed to meet the strict demands of the EAL5+ security level. Multiple firewalls and separate IT-systems for production and office computers are in place at NedCard.

Security material is stored in a safe that is locked at all times. This also applies to scrap material with dies, which is stored in special locked security scrap containers that are regularly emptied at a material destruction facility.

NedCard has an impeccable tracking system that scans all used and moved materials into the ERP-system. At specific points the “four-eye principle” is used, which means that two individuals need to be present simultaneously to approve a certain operation. With this system NedCard can track all the incoming and outgoing dies and detail the differences in categories. 

Security framework