3DS Assessor Qualification

3DS Assessor Qualification

The 3DS Assessor program teaches you to perform assessments of 3DS Environments in accordance with the PCI 3DS Core Security Standard. This training course will provide you with the understanding of the logical and physical security requirements as well as assessment procedures for performing PCI 3DS Assessments.

Upon completion of the course, you’ll be able to conduct PCI 3DS Assessments, validate and attest as to an entity’s PCI 3DS Core Security Standard compliance status, and prepare appropriate compliance reports (such as Reports on Compliance (RoC)) required by payment card brands and acquiring banks.

training-3ds
Register Now
Course Highlights
Schedule
Prices
How to Prepare
Exam Information
Registration
Requalification

Course Highlights

The PCI 3DS Core Security Standard provides a set of logical and physical security requirements as well as assessment procedures for performing PCI 3DS Assessments. The training program is comprised of single-day instructor-led course and exam.

The 3DS Assessor training covers the PCI 3DS Core Security Standard requirements, and associated testing procedures. Candidates will learn how to:

  • Validate and confirm 3DS Data Environment (3DE) scope as defined by the assessed entity.
  • Select employees, facilities, systems, and system components accurately representing the assessed environment if sampling is employed.
  • Be on-site at assessed entity during the PCI 3DS Assessment.
  • Evaluate compensating controls as applicable.
  • Apply independent judgement about whether the assessed entity meets PCI 3DS Core Security Standard.
  • Effectively use the PCI 3DS ROC Reporting Template to produce 3DS Reports on Compliance (3DS ROCs).
  • Validate and attest as to an entity’s PCI 3DS Core Security Standard compliance status.
  • Conduct follow-up assessments, as needed.
  • Learn how to complete the 3DS ROC and 3DS AOC documentation that are required for submission of completed assessments.
  • The 3DS Assessor training course consists of a one-day instructor-led classroom training and exam providing.
  • The qualification exam is taken immediately following the classroom training. The exam is closed-book.

Right for You?

You are a current QSA with at least 3 years’ experience, who is employed by a QSA company, possessing the required industry certifications.

Please contact your organization’s QSA Primary Contact to enroll in the 3DS Assessor program.

Become Qualified
3-Domain Secure Assessor (3DS) Certification

Digital Badging

When you become a 3DS Assessor, display your digital badge and represent your skills and gives you a way to share your abilities online in a way that is simple, trusted and can be easily verified in real time.

Find out more about our digital badges

Schedule

  • 16 May 2023

    12:00-19:00 GMT

    Remote

  • 8 Sep 2023

    09:00-17:30 PDT

    Portland, OR

  • 7 Nov 2023

    12:00-19:00 BST

    Remote

Remote classes are a combination of eLearning and a live webinar.

training-schedule-2

Become a 3DS Assessor when you take this class and become qualified.

REGISTER NOW

Prices

Course Price

New 3DS Assessor training (In person or eLearning)

 $1,500 USD

Requalification 3DS Assessor Training

 $1,200 USD

Knowledge Training Non-PO *

 $1,000 USD

Knowledge Training PO *

 $700 USD

Please note: Unless otherwise specified the training and exam will be delivered in English.

Price does not include any applicable VAT/HST/GST which will appear on your invoice.

*Knowledge training does not lead to assessor status.

training-extra-3

Your organization must be a QSA company to register candidates for 3DS training.

More Information

How to Prepare for the Exam

Prior to the training class, you should familiarize yourself with these publications on the PCI website:

  • Payment Card Industry (PCI) Security Requirements and Assessment Procedures for EMV® 3-D Core Secure Components: ACS, DS, and 3DS Server
  • Payment Card Industry (PCI) 3DS Assessor Program Guide
  • Payment Card Industry (PCI) 3DS Assessor Qualification Requirements
  • Payment Card Industry (PCI) Data Security Standard Requirements and Security Assessment Procedures
  • Payment Card Industry (PCI) Data Security Standard Qualification Requirements for Qualified Security Assessors (QSA)
  • EMV® 3-D Secure Specification
training-doc-library-2

Visit our document library for access to all 3DS documentation.

Visit the Document Library

Exam Information

The 3DS Assessor training course consists of a one-day instructor-led classroom training and exam providing:

  • In-person engagement and collaboration as well as networking opportunities
  • Ability to focus on curriculum in classroom setting
  • Learn directly from an expert PCI SSC trainer with hands-on experience assessing merchants and/or service providers

The qualification exam is taken immediately following the classroom training. The exam is closed-book.

The Primary Contact at the QSA Company will be notified of results within two weeks after the candidate attends the instructor-led PCI 3DS training and exam. Employees who do not meet the minimum passing score set by the PCI SSC may retake New 3DS training and exam, upon registration and payment of a new invoice. For each attendee that passes the exam, the 3DS Company will receive a certificate that validates the employee for the next 12 months.

Attendance during the course is mandatory. Missing more than 30 minutes of the class will automatically result in forfeiture of the PCI SSC 3DS Assessor exam and removal from the class.

Registration Process

In order to attend 3DS Assessor training you must be a full-time employee of an active QSA Company. Please see the Qualification Requirements for 3DS Assessors for more details.

All candidates must apply to the 3DS Assessor program and be approved by the PCI Council in order to enroll in a training class. All training inquiries and assignments must be submitted through your company’s assigned Primary Contact. Other requirements include:

  • Must be a QSA
  • Have at least 3 years’ experience as a QSA Employee
  • Possess a minimum of two industry-recognized certifications with at least one in each of information security and IT audit (as defined in QSA Qualification Requirements section 3.2)
REGISTER NOW

Requalification Requirements

In order to maintain the high standards set for this certification, all 3DS assessors must pass a requalification exam every 12 months and sign and accept the terms of the PCI SSC Code of Responsibility in order to continue as an active 3DS Assessor for their company.

The requalification course is offered in a convenient eLearning format. All training enrollment requests must be submitted through the company’s primary contact via the PCI Portal.

Registration into requalification training must be submitted and approved by the qualification expiry date. A 3DS Assessor who is not registered for requalification training before midnight Eastern Time on their qualificaiton expiry date, or who does not achieve a passing score on the exam by the end of the two week grace period, will be required to re-enroll as a new candidate.

“I thought the instructor was excellent and his insights and experience greatly helped towards the overall understanding.”

Janet Edwards, K3DES, LLC

“It was very useful to see the QSA role from the perspective of the assessor rather than from the customer's viewpoint.”

Chris Leppard, Trustwave

“The way that the instructor was able to cover a vast amount of material in a relatively short time and make us remember it - without the training it would have taken weeks and weeks to get the same level of understanding.”

David Newman, TELUS Security Solutions