Dara Security

The PCI 3DS Audit

EMV Three-Domain Secure (3DS) is an EMVCo messaging protocol that allows consumers to self-authenticate with their card issuer during card-not-present (CNP) m-commerce or e-commerce transactions. This security layer helps prevent fraudulent CNP purchases and protects the merchant from CNP exposure to fraud. The three domains are the:

    Acquirer domain


    Issuer domain


    Interoperability domain


The PCI Council has released the PCI 3DS Core Security Standard which aims to improve the overall security of online payments by securing the critical components to the transaction process: ACS, DS, and 3DS Server.

Companies that manage or provide EMV 3DS components are candidates for the PCI 3DS Audit. These EMV 3DS Solution Providers are obligated to demonstrate compliance with the PCI 3DS Standard annually.

Our PCI 3DS Certification qualifies us to assist companies comply with the PCI 3DS Security Standard. Our 3DS assessors will use the PCI 3DS Standard as a framework for assessing and reporting on the implemented security controls.