Skip to content

Audit preparations

Security auditing

Hosting 3-D Secure applications is subject to various government- and industry security standards, of which PCI DSS and the Visa VbV security requirements are common to all regions. Modirum offers consulting services to help software license customers prepare for audits by PCI QSAs and Visa security auditors.

During preparations for the audits, experienced and highly skilled Modirum personnel will work with your technical teams, security officers and managers to highlight and help trouble-shoot potential compliance-issues.


The Payment Card Industry Data Security Standard (PCI DSS) applies to any entity that stores, processes or transmits cardholder data. All Modirum software contains the relevant functionality required for PCI DSS compliance.

For further details on the PCI DSS and related documentation, see .

 3-D Secure Security Requirements

Enrollment and Access Control Servers (ACS) operators are subject to the "3-D Secure Security Requirements for Enrollment and Access Control Servers" (VbV security requirements). As with the PCI DSS, our ACS and related software supports all the relevant security controls.

You should request a copy of the VbV security requirements from your Visa customer support representative.

In case you need additional info on our auditing services please feel free to contact us for further details.


Note: The Modirum software only implements functionality necessary for compliance in the functions provided by the application itself. Supporting systems (including but not limited to operating system, database, log servers) and internal policies, procedures and physical and logical security controls, must also be implemented according to the security requirements. The Modirum software may require specific configurations in order to be able to operate in a compliant manner.