Schellman & Company, LLC, a leading provider of attestation and compliance services, has become an assessor in the PCI Security Standards Council’s new 3-D Secure (3DS) program, and can assess entities against the PCI 3DS Core Security Standard. This includes entities performing functions of a 3DS Server, Access Control Server, or Directory Server.
The PCI 3DS Security Requirements implements EMVCo’s 3-D Secure standard to offer improved authentication between the cardholder and the issuer and reduce fraud for card-not-present transactions similarly to how EMV reduces fraud for card-present transactions. The PCI 3DS Core Security Standard helps organizations offering 3DS services to align their 3DS compliance with their PCI DSS compliance and provide rigorous security for their entire payment service environment.
About the Author
Jacob Ansari is a Manager at Schellman. Jacob performs and manages PCI DSS assessments. Additionally, Jacob oversees other Payment Card Industry assessment services, namely PA-DSS and P2PE. Jacob’s career spans fifteen years of information security consulting and assessment services, including network and application security assessments, penetration testing, forensic examinations, security code review, and information security expertise in support of legal matters. Jacob has performed payment card security compliance assessments since the payment card brands operated their own standards prior to the advent of PCI DSS. Jacob speaks regularly to a variety of audiences on matters of information security, incident response, and payment card compliance strategy.More Content by Jacob Ansari