Informed Delivery USPS Security Standards and Procedures March

Informed ® Delivery USPS Security Standards and Procedures March 2017 1

What is Informed Delivery? Informed Delivery is a consumer-facing feature that gives eligible residential consumers the ability to see a daily digital preview of their household’s mail arriving in their mailbox soon. e Users receive a morning email that includes grayscale images of the exterior, address side of incoming letter-sized mailpieces (processed through automated equipment); users can also view images on the dashboard at informeddelivery. usps. com 2 If a Mailer participates in the Informed Delivery operational test, color images and interactive content will also be shown (Letters or Flats)

How Secure is Informed Delivery? USPS takes the privacy of mail very seriously and adheres to the privacy requirements of the Privacy Act established by the federal government. The mail is protected by the U. S. Postal Inspection Service, whose sole mandate is to safeguard all USPS employees and customers. ü Similar to a physical mailbox, Informed Delivery is provided at a household level • Individuals who share a residence and mailbox (such as roommates, families, etc. ) will receive images for all mail delivered to that household ü Each consumer must complete an identity verification process that validates their physical address in order to participate in Informed Delivery ü When the U. S. Postal Service® detects that an Informed Delivery user submits an Official Change of Address, access to Informed Delivery will be temporarily suspended until the change of address is confirmed • A consumer may re-sign up for Informed Delivery at their new address and reverify his or her address ü Scanned images are of the external envelope, showing only the address side of letter-sized mail 3

Sample Translucent Envelope Images The below envelope samples were obtained with permission from the Informed Delivery users. Details have been redacted to protect individual and mailer information. Back of the greeting card is slightly visible through this envelope 4 Front fold in this mailpiece is faintly visible; does not reveal any personal consumer information

Translucent Envelopes Why might an envelope be translucent and what content can be seen? • An envelope may be partially translucent if it is constructed of thinner material • Similar to holding an envelope directly under light or in direct sun light, the camera flash may cause an envelope to appear slightly translucent • Only content on the front fold of the inside mailpiece may be seen in an image • Bolded words and logos are often what may be seen through a translucent envelope What can mailers do to mitigate this issue? • Comply with design standards as documented in the USPS Domestic Mail Manual (DMM) • Ensure that sensitive information does not appear on the front fold of the mailpiece • Provide a Replacement image to be included in the user’s notification instead of the actual mailpiece image How is USPS addressing this issue? • Reviewing sample mailpiece images to determine how often envelopes appear translucent • Advising mailers on the envelope quality necessary for preventing translucency 5

Customer Data Protection The Corporate Information Security Office (CISO) protects the information network of USPS, monitors threats, responds to incidents, and boosts cyber resilience. USPS Approach to Protecting Customer Data 6 Comprehensive Security Reviews Rigorous Information Security Standards Dedicated Customer Support & Resources Conduct a mandatory process to evaluate the security of applications prior to deployment to ensure they meet USPS security standards Enforce strict security standards based on Federal regulations and industry best practices to protect customer information and privacy Provide detailed guidance on security standards and have dedicated staff available to consult with and advise customers on secure mailpiece design

Mail Image Security Measures What information do we capture in mail images? • USPS captures grayscale images of the exterior, front-side of mail using existing automated processes • Data is classified as Sensitive and is protected in accordance with USPS standards How do we enforce mail image application security? • USPS performs a comprehensive security review on all applications prior to deployment • USPS regularly works with DHS to validate the security of its systems and networks. How do we protect mail images? • Information captured through mail images is treated as sensitive information • Data and images are encrypted at rest and in transit per USPS Information Security Policy Do we retain mail images? • Mail images are stored only for troubleshooting purposes, for redirected mail, and for Informed Delivery • Informed Delivery images are available in the user’s account for up to seven days 7

Customer Support and Mail Guidance To protect sensitive information from being visible in images, customers should develop envelopes that comply with design standards as documented in the USPS Domestic Mail Manual (DMM). Benefits of Mailpiece Design Compliance 1 Ensures sensitive information is protected and not visible in USPS mail images 2 3 Allows USPS automated equipment to properly read and scan your mail Enables seamless and efficient mail delivery to the correct destination Customer Support Options Mailpiece Design Analysts (MDA) • USPS connects customers to MDAs who have specialized mailpiece design expertise • Customers can contact a MDA by calling 1 -855593 -6093 or sending a request via email to MDA@usps. gov 8 Pricing and Classification Service Model (PCSC) • The PCSC provides one source for mail classification decisions and offers guidance and support on mailpiece design • Customers can request assistance by submitting an Application Form

Appendix 9

Detailed Mailpiece Design Standards The information below outlines design standards from the USPS DMM that are relevant to mail image security. USPS customers are responsible for complying with these standards. DMM Standard Detailed Requirements • Produce a background reflectance of at least 50% in the red portion and 45% in the green Background Reflectance Print Reflectance Difference (PRD) portion of the optical spectrum in the barcoded lower right corner and the area surrounding the barcode (within 1/8 inch of the leftmost and rightmost bars and 1/25 inch above and below the barcode) in the address block • Produce a PRD, (reflectance of background minus reflectance of ink), of at least 30% in the red and green potions of the optical spectrum between the background material of the mail and the barcode • Ensure the materials on which the barcode appears have enough opacity to prevent printing Opacity Dark Fibers & Background Patterns 10 from being visible • The print contrast ratio of print (aside from the barcode) that shows through the barcode area in the address block must not exceed 15% when measured in the red and green portions of the optical spectrum • Avoid using dark fibers or background patterns that produce a print contrast ratio of more than 15% when measured in the red and green portions of the optical spectrum in the area of the address block