What we do for Acquiring Banks

Acquiring Banks face many challenges with PCI DSS, some of which Foregenix are very well positioned to assist with. Areas in which Foregenix expertise may help are:

Forensic Partner to the Acquiring Bank

• The Foregenix Forensic Team operate on a 24 hour response basis to assist Acquirers and their merchants who may have been the victim of a suspected data compromise. We have one of the most experienced teams in the EMEA region and are always willing to assist.
• Most Acquiring Banks have a QSA partner for compliance. To avoid a conflict of interest with the partner QSA many acquirers turn to Foregenix expertise in the forensic arena as their forensic partner.
• With our extensive experience in the Account Data Compromise arena, and innovative technology, Acquiring Banks are able to get results quicker and therefore manage the data compromise risk and associated costs downwards.

Acquiring Bank PCI DSS

• Foregenix offer a high-end, specialised PCI DSS Service suited to larger, more complex businesses such as Acquiring Banks and payment processors.

Cardholder Data Discovery Services

Many Acquiring Banks are at considerable risk of data compromise due to the fact that they do not know exactly where all cardholder data exists. Using Foregenix' proprietary FScout product, we are able to either:

• Provide a cardholder data discovery and monitoring service for Acquirers, alerting on high risk findings and data leaks.
• Provide FScout to the Acquiring Bank to conduct Cardholder Data Discovery and monitoring in-house.

Our forensically-sound, multi-platform, thorough approach ensures that Acquiring Banks are able to clearly identify their PCI Scope and immediately begin to manage their risk downwards.

Merchant Risk Reduction

Many Acquiring Banks have experienced a suspected data compromise within their merchant base. Over 90% of these cases involve the theft of cardholder data that the merchant was completely unaware of. Unfortunately, this situation can have a significant impact on the Acquiring Bank's bottom line as the fraud costs associated with the data compromises is usually very significant.

How to reduce this risk?

FScout was originally designed with this in mind. By providing FScout to your merchants, you enable them to identify their PCI risk (hopefully) before a hacker does. This enables them to either secure it, or securely delete the cardholder data. If all merchants were able to do this, the Aquiring Bank would see a significant reduction in risk and the resulting fraud costs associated with data compromise.

Examples of where FScout can be used by an Acquiring Bank with their merchants:

• During the boarding process. Understand the risk within new merchants. A lot of merchants who suffer repeated data compromises tend to change banks frequently. FScout will provide an additional, accurate gauge of how much cardholder data could potentially be at risk.
• Provide FScout to high risk merchants. For example, the hospitality sector has experienced a significant increase in data compromises over the last 18 months. With FScout deployed, the high risk merchants would have been able to identify where they have data at risk ? and be able to secure or securely delete that data.

If you have a security issue, or requirement, please get in touch with us for assistance on:
+44 (0) 845 3096232 or info@foregenix.com.