PCI 3D Secure

PCI 3DS adds an extra layer of security that lets users authenticate themselves with the service providers or payment gateways during Card-Not-Present (CNP) transactions
Payment Card Industry 3-Domain Secure (PCI 3DS) is a PCI Core Security Standard by PCI SSC, supporting the functionality of EMVCo’s EMV 3D Secure core security protocol and respective core function specification.

It helps in reducing CNP payment frauds and assure security to payment service providers.

The three domains of 3D Secure are the keys for secure authentication

The Merchant/Acquirer Domain (3DS Server)

This domain includes banks/merchant entities that handle payment request environments

The Issuer Domain (3DS Access Control Server)

This domain ensures the applicability of authentication for a particular card and is managed by the issuer bank. Whether it comes under 3DS environment or not is validated under this domain.

The Interoperability Domain (3DS Directory Server)

This domain is responsible for authentication, validation and maintenance of data flow among server entities.

The three domains of 3D Secure are the keys for secure authentication

How SISA Can Help You?

SISA is a 3DS Assessor that provides efficient and cost-effective services to provide sophisticated threat prevention solutions that not only helps in securing your CNP transactions but also gives you flexibility in maintaining compliance with various high-level security standards like PCI DSS.

SISA’s approach towards PCI 3DS involves in three phases:
Phase 1- Prevention

This phase covers in setting up the scope of 3DS environment and analysing the gaps.

Phase 2- Remediation

This phase involves in mitigation of action points for the gaps found in the gap analysis phase.

Phase 3- Certification

After a successful closure of the action points, an Attestation of Compliance, Report on Compliance and Certification of Compliance are provided to help in maintaining secure CNP transactions along with compliance.

Contact us today to know more about 3D Secure and implement the effective security for your customers card-not-present transactions

    Request a Call