Preparing your payment software for 3-D Secure
3Ds enables consumers to authenticate themselves with their card issuer when making card-not-present (CNP) and mobile purchases. The additional security layer helps prevent unauthorized CNP transactions and protects the merchant from CNP exposure to fraud.
The PCI Security Standards Council (PCI SSC) provides guidelines for identifying and implementing appropriate security controls to protect the 3DS transaction process.
A new security standard, PCI 3DS Core Security Standard, has been released to help secure the 3DS components that are critical to the overall Chip & Pin cards Europay, Mastercard and Visa (EMV®) 3DS transaction process, supporting the integrity and confidentiality of 3DS authentication data and improving the overall security of online payments.
Who has to comply with the PCI 3DS Core Security Standard?
The standard is intended for companies that manage or provide EMV® 3DS components, specifically: Access Control Server (ACS), Directory Server (DS), and 3DS Server (3DSS).
You’ll need to make sure your developers and software providers are preparing your payment software, such as mobile apps and websites for 3-D Secure (3DS).
For more information, please read 3D Secure.
Here to help
If you need any assistance, please contact your Elavon Customer Security Consultancy Team: PCIEurope@elavon.com