Schellman & Company, LLC, a leading provider of attestation and compliance services, has become an assessor in the PCI Security Standards Council’s new 3-D Secure (3DS) program, and can assess entities against the PCI 3DS Core Security Standard. This includes entities performing functions of a 3DS Server, Access Control Server, or Directory Server.
The PCI 3DS Security Requirements implements EMVCo’s 3-D Secure standard to offer improved authentication between the cardholder and the issuer and reduce fraud for card-not-present transactions similarly to how EMV reduces fraud for card-present transactions. The PCI 3DS Core Security Standard helps organizations offering 3DS services to align their 3DS compliance with their PCI DSS compliance and provide rigorous security for their entire payment service environment.
About the Author
Jacob Ansari is the Chief Information Security Officer at Schellman & Company, where he develops and manages the company-wide information security program. Jacob oversees the processes for risk and security assessment, vulnerability management, software security, awareness and education, and incident response. Jacob has also performed in a client facing role as the technical lead for Schellman’s PCI services, and represents Schellman to the payments industry. Additionally, Jacob has experience with other Payment Card Industry assessment services, namely Software Security Framework, PA-DSS, P2PE, 3DS, and PIN. Jacob has extensive technical expertise on matters of information security, compliance, application security, and cryptography, and has been performing payment card security assessments since the card brands operated the predecessor standards to PCI DSS. Over the 20 years of his career, Jacob has spoken extensively on PCI-related matters, trained and mentored assessors, and contributed to groups on emerging standards, advisory bodies, and special interest groups.
More Content by Jacob Ansari
