Press Releases > HUAWEI CLOUD Becomes Asia-Pacific's First Cloud Service Provider Certified by PCI 3DS
Press Releases

HUAWEI CLOUD Becomes Asia-Pacific's First Cloud Service Provider Certified by PCI 3DS

Aug 29, 2020

After being strictly evaluated by the security consulting firm, atsec, HUAWEI CLOUD became the first cloud service provider in Asia Pacific to earn PCI 3DS certification. This certificate proves HUAWEI CLOUD's ability to provide financial-level secure, reliable cloud infrastructure. In 2018, HUAWEI CLOUD earned PCI-DSS certification for all the nodes and services on its platform.

1.png

HUAWEI CLOUD's PCI 3DS certificate


I.  What Is PCI 3DS Core Security Standard?

PCI is short for Payment Card Industry. Three-Domain Secure (3-D Secure, or 3DS) is a security protocol that enables consumers to authenticate themselves with their card issuer when making card-not-present (CNP) e-commerce purchases, preventing unauthorized CNP transactions and protecting merchants from CNP exposure to fraud. 3-D refers to three different domains: issuer domain, merchant/acquirer domain, and the interoperability domain.

The PCI 3DS Core Security Standard defines physical and logical security requirements for protecting the environments of 3DS data and entities that perform or provide specific 3DS functions, namely 3DS Server (3DSS), 3DS Directory Server (DS), or 3DS Access Control Server (ACS) functions. The standard also defines security requirements for components that are used in or connected to the environments, including firewalls, virtual servers, network devices, and applications; and for processes and personnel management in the environments.


II.  What the Certificate Says About HUAWEI CLOUD

HUAWEI CLOUD meets international mainstream security standards, efficiently manages cloud platforms and eliminate network risks, and protects cardholders from payment fraud. HUAWEI CLOUD is a good choice if financial institutions and payment service providers are seeking a trustworthy platform.


III. Ceaseless Pursuit of Cloud Platform Security

HUAWEI CLOUD is always analyzing authoritative security standards and improving itself to comply with them. In 2018, HUAWEI CLOUD earned more than 10 authoritative security compliance certificates, including PCI-DSS. In 2019, HUAWEI CLOUD earned ISO 22301, TL 9000, and ISO/IEC 27701 certificates. In 2020, HUAWEI CLOUD earned Singapore Outsourced Service Provider's Audit Report (OSPAR), National Institute of Standards and Technology's (NIST) Cybersecurity Framework (CSF), and PCI 3DS certificates. So far, HUAWEI CLOUD has obtained more than 70 security certificates worldwide.

HUAWEI CLOUD has developed products based on its own security practices. For example, HUAWEI CLOUD Web Application Firewall (WAF) enables users to quickly configure a specific version of the Transport Layer Security (TLS) protocol required by PCI 3DS, which originally required complex manual configurations. With WAF, you can meet security standards in just a few clicks.


IV.  HUAWEI CLOUD Comprehensive Security System

HUAWEI CLOUD never misses an opportunity to become more secure. HUAWEI CLOUD has built a comprehensive security system based on more than 20 years of security experience. This system consists of a trustworthy platform and a wide range of coordinated services addressing security and compliance, data security, global security operations, security governance and certification, and service R&D security. HUAWEI CLOUD also works with customers, security service providers, and partners to build an ecosystem that can quickly tailor security services to any specific needs. By purchasing any HUAWEI CLOUD security services, customers get their business protected by a global security system.

 

Learn more about our efforts in security compliance at:

https://www.huaweicloud.com/intl/en-us/securecenter/compliance.html