Pre-personalization
ManufacturingAn initial manufacturing step loading transport keys, card serial numbers, and a basic file system onto blank card chips before they are shipped to a personalization bureau, establishing a secure supply chain handoff.
What Is Pre-Personalization?
Pre-personalizationPre-personalizationManufacturingLoading transport keys and serial numbers before main personalization.Click to view → is the initial manufacturing step that loads transport keys, card serial numbers, and a basic file system onto blank smart card chips before they are shipped to a personalization bureau for final cardholder-specific data loading. This step establishes a secure handoff point in the supply chain, ensuring that only authorized personalization systems can communicate with the card and load sensitive data.
Pre-personalization is sometimes called "pre-perso" and is distinct from electrical personalization, which writes the actual cardholder credentials.
What Gets Loaded
During pre-personalization, the card chip receives:
| Data | Purpose |
|---|---|
| Transport keys | Temporary symmetric keys for secure communication during personalization |
| Card serial number (CSN) | Unique identifier for supply chain tracking and key diversification |
| Card Production Life Cycle (CPLC) data | Manufacturing metadata (fab date, IC type, OS version) |
| Base file system | Directory structure for future application data |
| OS configuration | JavaCard VM parameters, GlobalPlatform security domains |
| Card Manager key set | Initial Issuer Security Domain (ISD) keys for SCP03 |
Transport Key Security
Transport keys serve a specific purpose: they protect the card during transit from the chip manufacturer or card vendor to the personalization bureau. The bureau replaces transport keys with production keys during the personalization process.
The transport key lifecycle follows strict procedures:
- Generation -- transport keys are generated during a key ceremony at the chip vendor.
- Loading -- keys are loaded onto each chip during pre-personalization, diversified per card using the CSN.
- Distribution -- key material is securely transmitted to the personalization bureau (encrypted, via HSM-to-HSMHSMSecurityPhysical device for key management.Click to view → transfer).
- Replacement -- during personalization, the bureau opens a secure channel using the transport key, then replaces it with the issuer's production keys.
- Destruction -- transport keys are zeroized from the bureau's HSM after all cards in the batch are personalized.
Supply Chain Protection
Pre-personalization creates a critical security boundary. A card with only transport keys cannot process live transactions or authenticate to production systems. If cards are intercepted during shipping, the transport keys (known only to the manufacturer and the intended personalization bureau) prevent unauthorized data loading.
This is especially important for EMV payment cards and government PIV cards, where a compromised supply chain could result in fraudulent cards entering circulation.
Часто задаваемые вопросы
The smart card glossary is a comprehensive reference of technical terms, acronyms, and concepts used in smart card technology. It covers protocols (APDU, T=0, T=1), security (Common Criteria, EAL, HSM), hardware (SE, EEPROM, contact pad), and applications (EMV, ePassport, eSIM). It serves developers, product managers, and engineers.
Yes. SmartCardFYI provides glossary definitions in 15 languages including English, Korean, Japanese, Chinese, Spanish, Portuguese, Hindi, Arabic, French, Russian, German, Turkish, Vietnamese, Indonesian, and Thai.