EMVCo and PCI SSC combine expertise on 3-D Secure 2.0
Technical body EMVCo and PCI Security Standards Council have announced that they are collaborating to support the upcoming launch of 3-D Secure 2.0 (3DS 2.0). The announcement was made at the PCI Security Standards Council Community Meeting of global cybersecurity experts in Las Vegas last week, according to a press release.
3DS is a messaging protocol used by the payments industry to enable consumers to authenticate themselves with their card issuers when making online purchases through PC web browsers. Later this year, EMVCo will release EMV 3-D Secure – Protocol and Core Functions Specification v2.0 (EMV 3DS 2.0 Specification). This specification will support the payments industry in delivering a globally interoperable and consistent consumer experience across major e-commerce channels and connected devices, including in-app purchases.
Based on this functional specification, the PCI Security Standards Council is working to provide security requirements, testing procedures, assessor training and reporting templates to address the environmental security associated with 3DS 2.0. The related documentation will be released in the first half of 2017.
"3DS 2.0 is critically important to introduce improved authentication and we are excited to be working hand-in-hand with EMVCo to secure all payment channels," said PCI Security Standards Council Chief Technology Officer Troy Leach. "The marketplace is changing every day, and with mobile payments projected to continue to rise, it is vitally important that the security concerns be addressed in the design of the authentication system to keep up with the evolving threats."