World Map

PCI Forensic Investigation (PFI)

pin entry deviceReturn to business as usual

• One of the leading forensic teams globally
• Decades of industry experience
• Cutting edge Incident Response technology
• We assist businesses of all sizes


Peace of mind

Being identified as a Common Point of Purchase (CPP) for fraudulent transactions put's stress on any business. We have the skills, technology and experience to help alleviate your concerns.

We’ve worked closely with the payment card industry since 2004 and formed close and trusted relationships with major card providers, while assisting a wide range of organisations, including central banks, payment processors, global retailers, and countless small e-commerce merchants.

When your business is compromised, time is of the essence. A delay in appointing a PCI Forensic Investigator could mean you remain exposed to more fraud. Our experience, technology and capabilities will give you what you need to rapidly bring the situation under control.


pci forensic investigation

Contact us

PCI forensic investigation

Why is a PFI important?

  • It will help you to understand the threat, clean up and protect your business.
  • Your business has been targeted by criminals. It is highly likely they will be back.
  • The average time between attacks on a previously hacked website is under 5 minutes – “they” know you have been hacked before, so will keep looking for easy takings.
  • An outsourced payment page is no guarantee of secure payments (read our blog for examples).
  • An insecure website can easily have the checkout process modified by attackers.

PFI Lite

PFI Lite investigations are a Visa Europe initiative designed for small eCommerce businesses who may have been hacked and lost cardholder data. This is a scaled-down PFI Investigation designed to provide a remediation service specifically for smaller eCommerce merchants. 

The key requirements of a PFI Lite Investigation are to:

  • Ensure that the breach has been contained
  • Support the migration to a hosted payment page
  • Analyse the attack and identify the exposure period
  • Conduct scans against the website to verify that it's secure
  • Support the SAQ completion for PCI compliance purposes
  • Produce a report for the Card Schemes


PFI Investigation

PFI investigations are standard for any business that may have lost cardholder data. We have technical investigation expertise and "C-level" experience to guide organisations of all sizes through the challenges and hurdles that accompany a forensic investigation.

There are usually 7 steps to a PFI investigation:

  1. Determine the scope of your environment
  2. Collect evidence
  3. Create a preliminary report
  4. Conduct a forensic analysis
  5. Build a containment strategy
  6. Verify the containment
  7. Produce a final report
What makes us different?


We go the extra mile

Foregenix handle as much as, or more PFI cases than any other forensic investigation team globally and have the skills, capability and capacity to quickly assist you. Digital security is in our DNA and we love being able to help other businesses improve their security. 

We go the extra mile for our clients in helping them get their businesses back on track, securely.

View FGX-Web

Our tech is included at no extra cost
We utilise our FGX-Web and Serengeti to:
  • Immediately monitor the environment latent threats.
  • Very quickly carry out PFI forensic investigations.
  • Enable rapid analysis and ongoing monitoring.
  • Enable our team to work quickly, discreetly and in a minimally-intrusive manner.

Our technology helps to quickly get our clients secure and back up and running after a security breach.

Contact us using the form below to discover the many ways Foregenix can help you with your PFI Investigation needs.

Contact Us