diff --git a/README.md b/README.md
index b75b9c3..8d5c7fb 100644
--- a/README.md
+++ b/README.md
@@ -16,9 +16,9 @@ The 'bolt card creation' instructions describe how to set up bolt cards for use
 | --- | --- |
 | [Specification](docs/SPEC.md) | Bolt card specifications |
 | [System](docs/SYSTEM.md) | Bolt card system overview |
-| [Install](docs/INSTALL.md) | Bolt card service installation |
+| [Service Install](docs/INSTALL.md) | Bolt card service installation |
 | [Automatic Card Creation](docs/CARD_ANDROID.md) | Bolt card creation using the Bolt Card app|
-| [Manual Card Creation](docs/CARD_MANUAL.md) | Bolt card creation using NXP TagXplorer|
+| [Manual Card Creation](docs/CARD_MANUAL.md) | Bolt card creation using NXP TagXplorer software|
 | [FAQ](docs/FAQ.md) | Frequently asked questions |
 
 ## Telegram group
diff --git a/docs/CARD_ANDROID.md b/docs/CARD_ANDROID.md
index dc8780d..9d607e0 100644
--- a/docs/CARD_ANDROID.md
+++ b/docs/CARD_ANDROID.md
@@ -8,7 +8,7 @@ Here we describe how to create your own bolt cards with the Bolt Card Android ap
  
 - some `NXP DNA 424 NTAG` cards
 - an Android device with NFC
-- a Bolt Card serice
+- a Bolt Card service
 - [the Bolt Card app](https://github.com/boltcard/bolt-nfc-android-app)
 - [the Bolt Card app usage document](https://github.com/boltcard/bolt-nfc-android-app#usage)
 
@@ -35,6 +35,7 @@ lnurlw://card.yourdomain.com/ln?c=...&p=...
 
 ### Write the key values to the card
 on the bolt card server
+- ensure the environment variables for the database connection are set up (see `boltcard.service`)    
 - enter the `createboltcard` directory
 - `$ go build`
 - `./createboltcard` to create a card
@@ -54,7 +55,7 @@ on the bolt card server
 - `card_db=# select card_id, one_time_code from cards order by card_id desc limit 1;`
 - check that this is the correct record (one_time_code matches from before)
 - `card_db=# update cards set uid = 'UID value from before without the 0x prefix' where card_id=card_id from before;`
-- `card_db=# update cards set enabled = 'Y' where card_id=card_id from before;`
+- `card_db=# update cards set enable_flag = 'Y' where card_id=card_id from before;`
 
 ### Make a payment
 - monitor the bolt card service logs
diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index 0fccff7..24df150 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -5,6 +5,10 @@
 1 GHz processor, 2 GB RAM, 10GB storage minimum  
 Ubuntu 20.04 LTS server
 
+### login
+
+create and use a user named `ubuntu`
+
 ### install Go
 
 [Go download & install](https://go.dev/doc/install)  
@@ -51,7 +55,8 @@ edit `create_db.sql` to set the cardapp password
 ### boltcard service install
 `$ sudo cp boltcard.service /etc/systemd/system/boltcard.service`  
 `$ ./s_build`  
-`$ systemctl status boltcard`
+`$ sudo systemctl enable boltcard`  
+`$ sudo systemctl status boltcard`
 
 ### https setup
 set up the domain A record to point to the server  
@@ -75,9 +80,14 @@ this should respond with 'bad request' and show up in the service log
 navigate to the service URL from a browser, for example `https://card.yourdomain.com/ln?2`  
 this should respond with 'bad request' and show up in the service log  
 #### bolt card
-[create a bolt card](CARD.md) with the URI pointing to this server  
+[create a bolt card](CARD_ANDROID.md) with the URI pointing to this server  
 use a PoS setup to read the bolt card, e.g. [Breez wallet](https://breez.technology/)   
 monitor the service log to ensure decryption, authentication, payment rules and lightning payment work as expected  
+#### production use
+ensure that LOG_LEVEL is set to PRODUCTION  
+ensure that all secrets are minimally available  
+ensure that you have good operational security practices  
+monitor the system for unusual activity  
 
 # Further information and support