diff --git a/api/main_endpoints/routes/OfficeAccessCard.js b/api/main_endpoints/routes/OfficeAccessCard.js
index 63eacaa60..d6567c268 100644
--- a/api/main_endpoints/routes/OfficeAccessCard.js
+++ b/api/main_endpoints/routes/OfficeAccessCard.js
@@ -4,7 +4,6 @@ const {
 SERVER_ERROR,
 NOT_FOUND,
 OK,
- FORBIDDEN,
 } = require('../../util/constants').STATUS_CODES;
 const membershipState = require('../../util/constants').MEMBERSHIP_STATE;
 const express = require('express');
@@ -83,10 +82,10 @@ router.get('/verify', async (req, res) => {
 if (apiKey !== API_KEY) {
 writeLogToClient(req.method, {
- statusCode: FORBIDDEN,
+ statusCode: UNAUTHORIZED,
 message: `Invalid API key: ${apiKey}`,
 });
- return res.sendStatus(FORBIDDEN);
+ return res.sendStatus(UNAUTHORIZED);
 }
 const cardVerification = await verifyCard(cardBytes);
diff --git a/api/main_endpoints/util/OfficeAccessCard.js b/api/main_endpoints/util/OfficeAccessCard.js
index a9360f5da..18c1a6a35 100644
--- a/api/main_endpoints/util/OfficeAccessCard.js
+++ b/api/main_endpoints/util/OfficeAccessCard.js
@@ -19,8 +19,7 @@ function verifyCard(cardBytes) {
 return resolve(false);
 }
 if (!result) {
- const description = cardBytes !== null ? cardBytes : alias;
- logger.info(`Card: ${description} not found in the database`);
+ logger.info(`Card: ${cardBytes} not found in the database`);
 }
 return resolve(result); // return the document
 });
diff --git a/test/api/OfficeAccessCard.js b/test/api/OfficeAccessCard.js
index 28ee669cb..625f847cf 100644
--- a/test/api/OfficeAccessCard.js
+++ b/test/api/OfficeAccessCard.js
@@ -18,7 +18,6 @@ const {
 UNAUTHORIZED,
 NOT_FOUND,
 SERVER_ERROR,
- FORBIDDEN,
 } = require('../../api/util/constants').STATUS_CODES;
 const {
 initializeTokenMock,
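Review bot: In api/main_endpoints/routes/OfficeAccessCard.js, the `/verify` rejection branch still passes the submitted key to `writeLogToClient` through the `message` template that interpolates `${apiKey}`, so a mistyped or near-correct key becomes readable by anyone who can see that log output; a fixed string such as `message: 'Invalid API key',` records the event without the credential material. The guard `apiKey !== API_KEY` is an ordinary string comparison, and if this route is reachable by untrusted callers a constant-time check (Node's `crypto.timingSafeEqual` over equal-length digests of both values) would be the safer form. The import hunk in the same file removes `FORBIDDEN` without showing `UNAUTHORIZED` being added, so confirm it is already destructured in the lines before `SERVER_ERROR`, which are outside the hunk. The handler body starts before and continues after the visible lines.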
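Review bot: In api/main_endpoints/util/OfficeAccessCard.js, the new `logger.info` line writes the raw `cardBytes` of every unrecognized card into the application log, and since that value is presumably what the door check matches on, the log turns into a list of card identifiers for anyone with log access. Dropping the fallback to the undeclared `alias` is right, but consider logging only the miss, `logger.info('Card not found in the database');`, or a truncated digest of the bytes if correlation is needed. verifyCard starts and ends outside the hunk, so whether `cardBytes` can be null or undefined at this point is not visible here.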
@@ -125,14 +124,14 @@ describe('OfficeAccessCard', () => {
 expect(result).to.have.status(BAD_REQUEST);
 });
- it('Should return 403 with invalid api key', async () => {
+ it('Should return 401 with invalid api key', async () => {
 const params = new URLSearchParams();
 params.append('cardBytes', VALID_CARD_BYTES);
 const path = VERIFY_API_PATH + '?' + params.toString();
 const invalidApiKey = API_KEY + '-invalid-suffix';
 const result = await test.sendGetRequestWithApiKey(
 invalidApiKey + '', path);
- expect(result).to.have.status(FORBIDDEN);
+ expect(result).to.have.status(UNAUTHORIZED);
 });
 it('Should return 404 with valid api key and unknown card', async () => {