If your business handles online credit or debit card transactions, you’re probably aware that protecting information associated with these transactions is critically important. You may also know that certifying for the 3D Secure (3DS) standard is a great way to ensure this sensitive information is well-defended against cyberattacks.
If you need help achieving 3DS certification for the first time or re-certifying to make sure your organization is compliant with the latest version of the standard, Tevora can help. As one of the few firms that have achieved Payment Card Industry (PCI) 3DS Qualified Service Assessor status, we are very well qualified to help you achieve this important milestone.
What is 3DS?
3DS is a security standard developed by the major payment card brands—Visa, MasterCard, American Express, Discover, and JCB—that provides an extra layer of protection for online credit and debit card transactions. By enabling cardholders to authenticate themselves to card issuers when making e-commerce and m-commerce purchases, 3DS reduces merchants’ exposure to fraud.
Who Should Certify for 3DS?
Merchants, banks, and their service providers that handle online credit or debit card transactions authentication should certify for 3DS to ensure payment data is well protected.
What Benefits Does 3DS Offer?
Certifying for 3DS offers the following benefits for your organization:
- Reduces fraud risk related to compromised payment card data.
- Protects your customers’ credit and debit card information.
- Authenticates the parties involved in online payment transactions (cardholders, banks, merchants, and service providers).
- Demonstrates to your customers and other stakeholders that you are serious about security.
What’s the Process for Achieving 3DS Certification?
Tevora uses a three-step process for helping clients achieve 3DS certification:
- Gap Analysis. Collect data, conduct interviews, and perform analysis to identify areas where you are not fully compliant with the 3DS standard. Develop recommendations for work that needs to be done to close these gaps.
- Develop or update security policies, procedures, controls, and systems as needed to align with 3DS requirements. Tevora’s team of experienced security specialists can partner with you to do as much or as little of this work as you would like.
- Tevora’s 3DS Qualified Service Assessor team performs a comprehensive audit to validate your compliance with 3DS and, upon successful validation, prepares the reports required to demonstrate your compliance to the payment brands.
We Can Help
If you have questions about 3DS or would like help getting certified, we’ve got you covered. Just give us a call at (833) 292-1609 or email us at firstname.lastname@example.org.
About the Authors
Christina Whiting is the Principal Consultant of Privacy, Enterprise Risk & Compliance at Tevora.
Jason Pieters is the Managing Director of Payments at Tevora.