Skip to content


We can help - we're specialists, discreet and with a mission to protect businesses from criminals.

PCI Forensic or Acquirer Led Investigation Services

If you have noticed suspicious behaviour from your Point of Sale or eCommerce website, or an influx of fraud complaints from customers, or your business has been identified as a Common Point of Purchase (CPP) for fraudulent transactions, this may mean that your payment systems have been compromised by criminals. And, that your customer data may be stolen.

While this can be a very stressful time for a business and its owners, it is critical to act quickly. Time is of the essence - the quicker you can get an investigation performed, the quicker you are likely to be able to stop the breach from causing further damage.

We can help. This is what we do every day.


Our team have worked closely with the Payment Card Industry (PCI) since 2004 and formed close and trusted relationships with major card providers, while assisting a wide range of organisations, including central banks, payment processors, global retailers, and countless small e-commerce merchants.


We’re specialists in helping businesses quickly regain control of their systems and to understand what happened. We use our technology and experience to carry out our investigations quickly and with minimal disruption to the business.


We deploy our technology and team to protect the client during the investigation - and for a period of time after the investigation - as the criminals will often try to break back in.


Our experience, technology and capabilities will give you what you need to rapidly bring the situation under control.

What makes us different?

Firstly, our team. We go the extra mile for our clients...

We have been carrying out PCI Forensic Investigations for over a decade and our mission is to protect our clients, while guiding them through this challenging phase of their business cycle.

We're a global investigative firm, with the skills, capability, experience and capacity to quickly assist you. Gone are the days of deploying an occupying “boots on the ground” force. Our technology allows for rapid response without the immediate need for onsite personnel.

Our team of experts monitor our client base around the clock, with the platform continuously monitoring for behavioural and system interaction indicators, memory only attacks and suspicious network activity.

We go the extra mile for our clients - helping them get their business back on track, quickly and securely.


...Secondly, our technology included at no extra cost.

We utilise our FGX-Web and Serengeti technology to:

  • Immediately monitor the environment for threats.
  • Quickly carry out PFI forensic investigations.
  • Enable rapid analysis and ongoing monitoring.
  • Enable our team to work quickly, discreetly and in a minimally-intrusive manner.

Our technology helps our clients to quickly get secure and back up and running after a security breach.


7 steps to a PFI Investigation

PFI investigations are standard for any business that may have lost cardholder data. We have technical investigation expertise and "C-level" experience to guide organisations of all sizes through the challenges and hurdles that accompany a payment card forensic investigation.

There are generally 7 steps to a PFI investigation:

• Determine the scope of your environment
• Collect evidence
• Create a preliminary report
• Conduct a forensic analysis
• Build a containment strategy
• Verify the containment
• Produce a final report


Acquirer Led Investigation Services

When an Acquirer suspects that one of their merchant’s systems may have breached, the key is to move quickly to understand the situation and take appropriate actions, remediate affected systems and protect confidential data. Acquirer Led Investigation Services is designed to give Acquiring Banks and their merchants that rapid analysis, situation report and, where possible, containment of the incident.

The Acquirer Led Investigation Service combines the world-class Foregenix Digital Forensics and Incident Response (DFIR) Team and Foregenix proprietary technology, FGX-Web, which provides forensic visibility across dispersed environments within minutes of being deployed. Supported and delivered as a remote incident response service by Foregenix Teams across the globe. Telemetry collected by this software technology is used to understand the situation and should the need arise, assist in containing the incident.

The Acquirer Led Investigation Service benefits include:

  • The support and guidance of the leading DFIR team in the payment card industry – quick, effective and highly experienced.
  • FGX-Web Alert technology – providing telemetry within minutes of deployment, enabling rapid containment and on-going proactive monitoring, protection and alerting for a total of twelve (12) months. Delivered as a managed service by the Foregenix Threat Intelligence Group.
  • Serengeti technology - providing telemetry within minutes of deployment, enabling rapid containment and ongoing proactive monitoring, protection and alerting for 30 days. Managed by the Foregenix DFIR team.
  • Containment - where possible, preventing on-going data theft during the analysis process and subsequent remediation and monitoring processes.
  • Delivered Remotely – no onsite time, minimal operational disruption, no travel costs.
  • Minimising the impact to the victim business – enabling them to focus on re-building the business.

Why is our tech important?

FGX-Web protects a website while also enabling our analysts to quickly track down criminal activity. We provide it free as a part of the investigation too. So why is it important?

• Your website has already been targeted by criminals - they will be back
• The average time between attacks on a previously compromised website is under 5 minutes – “they” know you have been hacked before and will keep trying
• An outsourced payment page is no guarantee of secure payments (read our blog for examples), especially if the website is not secure
• An insecure website can easily have the checkout process modified by attackers
• FGX-Web monitors and alerts websites of web-based attacks – enabling you to grow your business, knowing it is secure.

We can help you through the PFI Lite Investigation and we will also help you to keep your online business secure

If you’re looking for a safe, knowledgeable, discreet and effective team to help you with a PFI Lite Investigation, complete the form below and we will contact you immediately.




Speak with us

Talk to us today about forensic help

Foregenix is a global leader in the PCI Forensic Investigation space - our team has the skill, capability, capacity and technology to quickly assist you. Digital security is in our DNA and we love being able to help other businesses improve their security.

We go the extra mile for our clients.