PCI Security Standards Council®

3DS Assessors

3DS Assessors are qualified by PCI SSC to perform assessments using the PCI 3DS Core Security Standard (Security Requirements and Assessment Procedures for EMV® 3-D Secure Core Components: ACS, DS, and 3DS Server). 3DS Assessor Employees are individuals who are employed by a 3DS Assessor Company and have satisfied all 3DS Assessor Qualification Requirements applicable to employees of 3DS Assessor Companies who will conduct 3DS Assessments, as described in further detail in the Qualification Requirements For 3DS Assessors.

This form is used to review 3DS Assessors and their work product, and is intended to be completed by the client, after a PCI 3DS Assessment.

Information collected from the Feedback Form will be held in strict confidence and used for the sole purpose of improving the quality of service provided by the 3DS Assessor.

Fields marked * are required.

Client (Software Vendor)

Title

3DS Assessor Company

*
3DS Assessor Company Title

Location of Assessment

Postal Code
Country

3DS Assessor employee who performed Assessment

*
ID Number

 

For each statement, please indicate the response that best reflects your experience and provide comments.
  • 5 = Strongly Agree
  • 4 = Agree
  • 3 = Neutral
  • 2 = Disagree
  • 1 = Strongly Disagree

Statement

Select
One

Comments

1. During the initial engagement, the 3DS Assessor explained the objectives, timing, and review process, and addressed your questions and concerns.
2. The 3DS Assessor employee(s) understood your business and technical environment, as well as the cardholder data environment.
3. The 3DS Assessor employee(s) had sufficient security and technical skills to effectively perform this assessment.
4. The 3DS Assessor sufficiently understood the 3DS Core Security Standard and Assessment Procedures.
5. The 3DS Assessor effectively minimized interruptions to operations and schedules.
6. The 3DS Assessor provided an accurate estimate for time and resources needed.
7. The 3DS Assessor provided an accurate estimate for report delivery.
8. The 3DS Assessor did not attempt to market products or services for your company to attain 3DS compliance.
9. The 3DS Assessor did not imply that use of a specific brand of commercial product or service was necessary to achieve compliance.
10. In situations where remediation was required, the 3DS Assessor presented product and/or solution options that were not exclusive to their own product set.
11. The 3DS Assessor used secure transmission to send any confidential reports or data.
12. The 3DS Assessor demonstrated courtesy, professionalism, and a constructive and positive approach.
13. There was sufficient opportunity for you to provide explanations and responses during the assessment.
14. During the review wrap-up, the 3DS Assessor clearly communicated findings and expected next steps.
15. The 3DS Assessor provided sufficient follow-up during your company's remediation efforts, until eventual compliance was achieved.
Please provide any additional comments here about the 3DS Assessor, your assessment experience, or the 3DS documents.



 

3DS Assessor Feedback Form for Payment Brands and Others

This form is used to review 3DS Assessors and their work product, and is intended to be completed after a PCI 3DS Assessment as needed by Payment Brand participants, banks, and other relevant parties. Information collected from the Feedback Form will be held in strict confidence and used for the sole purpose of improving the quality of service provided by the 3DS Assessor. This form can be obtained directly from the 3DS Assessor during the assessment, or can be found online in a printable format at https://www.pcisecuritystandards.org.

Fields marked * are required.

Client
(Software Vendor)

*

3DS Assessor Company

*

Payment Brand Reviewer

*
*
*
*

3DS Assessor employee who performed assessment

*
Employee ID Number

 

For each statement, please indicate the response that best reflects your experience and provide comments.
  • 5 = Strongly Agree
  • 4 = Agree
  • 3 = Neutral
  • 2 = Disagree
  • 1 = Strongly Disagree

Statement

Select
One

Comments

1. The 3DS Assessor clearly understood how to notify your payment brand about compliance and non-compliance issues, and the status of merchants and service providers.
2. The Client had a positive and professional experience with the 3DS Assessor.
3. The 3DS Assessor employee(s) had sufficient security and technical skills to effectively perform this assessment.
4. The 3DS Assessor appropriately documented the results related to their findings.
5. From your understanding, the 3DS Assessor appropriately scoped the assessment.
Please provide any additional comments here.



 

Our website uses both essential and non-essential cookies to analyze use of our products and services. This agreement applies to non-essential cookies only. By accepting, you are agreeing to third parties receiving information about your usage and activities. If you choose to decline this agreement, we will continue to use essential cookies for the operation of the website. View Policy