PCI SSC Sr. Manager Jake Marcinko discusses the two newly published PCI 3DS Core and 3DS SDK Technical FAQ documents (found here).
Why is the Council issuing Technical FAQs for the PCI 3DS Core and the PCI 3DS SDK Security Standards?
Jake Marcinko: The Council leverages Technical FAQs to provide additional and timely clarifications to various PCI Standards and Programs. Often, Technical FAQs are based on input from our stakeholders, such as assessors, labs, vendors, and providers.
Who is the audience for the Technical FAQs?
Jake Marcinko: The Technical FAQs, which there are separate documents for 3DS Core and 3DS SDK Security Standards, are primarily intended for the 3DS Assessors, 3DS SDK Labs, and 3DS entities. They are also useful to anyone that has an interest in the PCI Council’s 3DS Standards and Programs.
How are the Technical FAQs meant to be used?
Jake Marcinko: Technical FAQs are normative, which means that they form part of the respective standard and program. They are an integral part of the requirements and test procedures and shall be fully considered during the assessment process. We encourage the audience to stay up to date using the latest Technical FAQ documents published in the PCI SSC Document Library, as applicable. For each new revision, all changes from the last revision will be marked in red for convenience.
Where can people find more information about the PCI 3DS Standards and Programs?
Jake Marcinko: Great question. All of the PCI 3DS documents, including the new Technical FAQs, can be found in the PCI Council’s Document Library for 3DS, here.
Also on the blog: What’s New in PCI 3DS SDK Security Standard Version 1.1?