Cy9

PCI 3DS Certification

Enhance transaction security and customer trust with PCI 3DS certification.

PCI 3DS Core Security Standard is a set of security requirements and assessment procedures required to assess EMV’s 3D Secure Core security protocol and core functions. The Three-Domain Secure (3DS) is an EMVCo messaging protocol that enables consumers to authenticate themselves with their card issuer when making card-not-present e-commerce and m-commerce purchases.

There are three domains in the 3DS specification :

  • Acquirer Domain
  • Issuer Domain
  • Interoperability Domain

The standard requirements are organized in two parts:

  • Baseline Security Requirements : – A baseline of technical and operational security requirements designed to protect the 3DS data environment (3DE)
  • 3DS Security Requirements : – Security requirements to protect 3DS data, processes and technologies

PCI 3DS Core Security Standard defines a set of security requirements and assessment procedures required to assess EMV’s 3D Secure Core security protocol and core functions. PCI 3DS enhances secure user authentication by adding an extra layer of security during CNP transactions.

The EMV® 3-D Secure entities under PCI 3DS consideration are :

  • 3DS Directory Server (DS)
  • 3DS Access Control Server (ACS)
  • 3DS Server (3DSS)

All the necessary physical and logical security requirements and assessments are defined under the EMV 3-D Secure Protocol and Core Functions Specification. The controls defined in the standard protect the confidentiality and integrity of the 3DS transaction.

 

What We offer

Business Understanding

Evaluating business process and environment to understand the in-scope elements

Scope Finalization

Finalize the scope elements and prepare the requirement documentation

Readiness Assessment

Evaluating business process and environment to understand the in-scope elements

Risk Assessment

Evaluating business process and environment to understand the in-scope elements

Data Flow Assessment

Evaluating business process and environment to understand the in-scope elements

Documentation Support

Evaluating business process and environment to understand the in-scope elements

Remediation Support

Evaluating business process and environment to understand the in-scope elements

Awareness Training

Evaluating business process and environment to understand the in-scope elements

Scans And Testing

Evaluating business process and environment to understand the in-scope elements

Evidence Review

Evaluating business process and environment to understand the in-scope elements

Final Assessment and Attestation

Evaluating business process and environment to understand the in-scope elements

Continuous Compliance Support

Evaluating business process and environment to understand the in-scope elements

Scroll to Top