What is the PCI 3DS Audit?

Three-Domain Secure (3DS) is a protocol for card-not-present purchase authentication. It adds a security layer to prevent unauthorized transactions and fraud. The PCI 3DS Audit checks the correct implementation of these controls. There are three domains in the 3DS specification:

  • Acquirer Domain,
  • Issuer Domain, and
  • Interoperability Domain

Section 1: Baseline Security Requirements, which provide security requirements to protect the environments where 3DS is performed.

Section 2: 3DS Security Requirements, which provides security controls to protect 3DS data, processes and technologies.

Who Should Comply with PCI 3DS?

The 3DS standard is applicable to three entities:

  • Access Core Server
  • Directory Server
  • 3DS Server

The standard is intended to provide controls that in turn protect the confidentiality and integrity of the 3DS transaction. If you would like to know more our PCI 3DS Audits, please feel free to contact us.

Talk to us for a

secure tomorrow

Stay ahead of the evolving data breach and cybercrime landscape.

Contact Us!