PCI Security Standards Council®

3DS Assessor Qualification

The 3DS Assessor program teaches you to perform assessments of 3DS Environments in accordance with the PCI 3DS Core Security Standard. This training course will provide you with the understanding of the logical and physical security requirements as well as assessment procedures for performing PCI 3DS Assessments.

Upon completion of the course, you’ll be able to conduct PCI 3DS Assessments, validate and attest as to an entity’s PCI 3DS Core Security Standard compliance status, and prepare appropriate compliance reports (such as Reports on Compliance (RoC)) required by payment card brands and acquiring banks.

Registration Process

In order to attend 3DS Assessor training you must be a full-time employee of an active QSA Company. Please see the Qualification Requirements for 3DS Assessors for more details.

All candidates must apply to the 3DS Assessor program and be approved by the PCI Council in order to enroll in a training class. All training inquiries and assignments must be submitted through your company's assigned Primary Contact. Other requirements include:

  • Must be a QSA
  • Have at least 3 years’ experience as a QSA Employee
  • Possess a minimum of two industry-recognized certifications with at least one in each of information security and IT audit (as defined in QSA Qualification Requirements section 3.2)

Course Details

The PCI 3DS Core Security Standard provides a set of logical and physical security requirements as well as assessment procedures for performing PCI 3DS Assessments. The training program is comprised of single-day instructor-led course and exam.

Training Overview

The 3DS Assessor training covers the PCI 3DS Core Security Standard requirements, and associated testing procedures. Candidates will learn how to:

  • Validate and confirm 3DS Data Environment (3DE) scope as defined by the assessed entity.
  • Select employees, facilities, systems, and system components accurately representing the assessed environment if sampling is employed.
  • Be on-site at assessed entity during the PCI 3DS Assessment.
  • Evaluate compensating controls as applicable.
  • Apply independent judgement about whether the assessed entity meets PCI 3DS Core Security Standard.
  • Effectively use the PCI 3DS ROC Reporting Template to produce 3DS Reports on Compliance (3DS ROCs).
  • Validate and attest as to an entity’s PCI 3DS Core Security Standard compliance status.
  • Conduct follow-up assessments, as needed.
  • Learn how to complete the 3DS ROC and 3DS AOC documentation that are required for submission of completed assessments.
Training and Exam

The 3DS Assessor training course consists of a one-day instructor-led classroom training and exam providing:

  • In-person engagement and collaboration as well as networking opportunities
  • Ability to focus on curriculum in classroom setting
  • Learn directly from an expert PCI SSC trainer with hands-on experience assessing merchants and/or service providers

The qualification exam is taken immediately following the classroom training. The exam is closed-book.

The Primary Contact at the QSA Company will be notified of results within two weeks after the candidate attends the instructor-led PCI 3DS training and exam. Employees who do not meet the minimum passing score set by the PCI SSC may retake New 3DS training and exam, upon registration and payment of a new invoice. For each attendee that passes the exam, the 3DS Company will receive a certificate that validates the employee for the next 12 months.

Attendance during the course is mandatory. Missing more than 30 minutes of the class will automatically result in forfeiture of the PCI SSC 3DS Assessor exam and removal from the class.

How to Prepare

Prior to the training class, you should familiarize yourself with these publications on the PCI website:

  • Payment Card Industry (PCI) Security Requirements and Assessment Procedures for EMV® 3-D Core Secure Components: ACS, DS, and 3DS Server
  • Payment Card Industry (PCI) 3DS Assessor Program Guide
  • Payment Card Industry (PCI) 3DS Assessor Qualification Requirements
  • Payment Card Industry (PCI) Data Security Standard Requirements and Security Assessment Procedures
  • Payment Card Industry (PCI) Data Security Standard Qualification Requirements for Qualified Security Assessors (QSA)
  • EMV® 3-D Secure Specification

3DS 2022 Classes

Remote classes are a combination of eLearning and a live webinar.

Webinar or In person training dates are listed below.

Date
Time
Remote or In person Location:
Price
Date: 11 Aug
Time: 12:00 - 17:30 (BST)
Remote or In person Location: Remote
Price: $1,375 USD
Date: 8 Sep
Time: 09:00 - 17:30
Remote or In person Location: Toronto
Price: $1,375 USD*
Date: 17 Nov
Time: 12:00 - 17:30 (BST)
Remote or In person Location: Remote
Price: $1,375 USD
Please note: All fees are NON-REFUNDABLE and NON-TRANSFERABLE. Unless otherwise specified the training and exam will be delivered in English.

Price does not include any applicable VAT/HST/GST which will appear on your invoice.

* Not including VAT

Requalification Requirements

In order to maintain the high standards set for this certification, all 3DS assessors must pass a requalification exam every 12 months and sign and accept the terms of the PCI SSC Code of Responsibility in order to continue as an active 3DS Assessor for their company.

The requalification course is offered in a convenient eLearning format. All training enrollment requests must be submitted through the company's primary contact via the PCI Portal.

Registration into requalification training must be submitted and approved by the qualification expiry date. A 3DS Assessor who is not registered for requalification training before midnight Eastern Time on their qualification expiry date, or who does not achieve a passing score on the exam by the end of the two week grace period, will be required to re-enroll as a new candidate.

BECOME QUALIFIED

Right for you?

You are a current QSA with at least 3 years’ experience, who is employed by a QSA company, possessing the required industry certifications.

Please contact your organization’s QSA Primary Contact to enroll in the 3DS Assessor program.
Request More Information

Our website uses both essential and non-essential cookies (further described in our Privacy Policy) to analyze use of our products and services. By clicking “ACCEPT” below, you are agreeing to our use of non-essential cookies to provide third parties with information about your usage and activities. If you click “DECLINE” below, we will continue to use essential cookies for the operation of the website.

AcceptDecline