A set of security requirements and assessment procedures provided to assess EMV’s 3D Secure Core security protocol.
Delta Tech PCI 3DS Core Security Standard and PCI 3DS SDK are two independent standards that
define the security controls over different areas of a 3DS environment.
PCI 3DS SDK is
the security standard applicable to entities that develop 3DS Software Development Kits
(SDK), as defined in the EMV ® 3-D Secure SDK Specification.
PCI 3DS Core Security
Standard is a set of security requirements and assessment procedures required to assess
EMV’s 3D Secure Core security protocol and core functions. PCI 3DS enhances secure user
authentication by adding an extra layer of security during CNP transactions.
The 3DS directory server maintains a lists of card ranges for which authentication may be available and coordinates communication between the 3DSS and ACS to determine whether authentication is available for a particular card number and device type.
The 3DS ACS contains authentication rules and is controlled by the Issuer. The ACS verifies whether authentication is available for a card number and device type, and authenticates specific transactions.
The 3DS Server provides the functional interface between the 3DS Requestor Environment flows and the Directory Server (DS) and the components falls under bank/merchant entities that handles payment request environments.