PCI 3DS SDK Security Standard

This standard offers security requirements, assessment procedures, and guidance for 3DS Software Development Kits (SDKs), as defined in the EMV® 3-D Secure SDK Specification, to help prevent unauthorized card-not-present (CNP) transactions and to protect merchants from CNP exposure to fraud. Additional information about EMV 3-D Secure implementations can be found in the EMV® 3-D Secure Protocol and Core Functions Specification.

Important Information


Intended Audience

Vendors of 3DS SDK software facilitating cardholder authentications as part of the EMV® 3-D Secure Protocol.


3DS SDK Documents

Find all of the related documents in the PCI SSC Document Library.


Listings & Professionals

PCI SSC encourages entities to use the PCI SSC listing in selecting a PCI-listed 3DS SDK for their payment needs.

These assessments are performed by independent PCI-Recognized Laboratories that are also EMVCo Laboratories, and that are qualified and approved by PCI SSC to evaluate 3DS SDKs against PCI 3DS SDK security requirements and in accordance with the PCI 3DS SDK Program Guide.


Training Information


Perform assessments of 3DS Environments in accordance with the PCI 3DS Core Security Standard

The Payment Card Industry Professional is an individual, entry-level certification in payment security information and provides you with the understanding to help your organization build a secure payment environment. Becoming a PCIP demonstrates a level of understanding that can provide a strong foundation for a career in the payments security industry.

Knowledge Training courses are designed to bridge the knowledge gap between organizations and assessors by providing learning opportunities for individuals to take the same training and exam as the Assessor. Upon successful completion of training, learners will be given an acknowledgement of completion as well as the option to complete the exam and receive a digital badge.

Get your team trained together! We are pleased to offer all our PCI training programs as either in-person or remote Instructor-led eLearning. Learn directly from an instructor with hands-on experience in the field of payments security. Your organization will receive all the benefits of an instructor-led training class, at a time and place most convenient for you and your staff.

Compliance programs for all PCI SSC standards are managed by the payment brands. Questions about which entities need to validate compliance to any PCI SSC standard, or whether use of a PCI-listed product is required and for which entities, should be referred to the payment brands. Contact information for the payment brands is in FAQ #1142.