PCI DSS Forensic Investigations
In today’s technology driven world, the acceptance of card payments is regarded as a fundamental aspect of any business. The theft of payment card data is a highly lucrative enterprise with criminals investing considerable time, energy and resources into locating, stealing and illegally utilising payment cards to commit widespread and costly fraud.
Merchants and payment service providers have a duty to maintain cardholder data securely. Failure to do so can result in significant financial penalties if they are a victim of a data compromise or are found to be non-compliant with the PCI DSS standard. Organisations which hold cardholder data are also subject to the authority of the Information Commissioner’s Office (ICO) who can impose substantial fines for breaches of data protection legislation.
The sooner an organisation responds to a potential breach, the lower the likely penalties and sanctions will be. It therefore makes sense to deal with a company which has substantial resources to deploy quickly to identify the causes and methods by which cardholder data has been compromised. Speed of deployment and analysis is vital and can save substantial sums for organisations. Where such breaches have occurred, the merchant or payment service provider identified as the Common Point of Purchase (CPP) will be mandated to conduct a PFI Investigation or an Acquirer-led Independent Investigation. This is to immediately contain, investigate and remediate the incident and eliminate the risk of fraudulent access to cardholder data.
PCI Forensic Investigators (PFIs) are licensed by the PCI Security Standards Council. IntaForensics are a PFI Company and licensed to conduct investigations throughout Europe.
PFI Forensic InvestigationWho is this Service For?
PFI Investigations are designed for merchants and service providers that have suffered a breach of cardholder data and have been instructed, by their acquiring bank, to undertake an investigation using an approved PFI Vendor. This process is regulated by the PCI Council and the card brands. These are designed for merchants who are level 1 or 2, or who have specifically been requested to have a PFI.
Independent InvestigationWho is this Service For?
Independent Investigations are designed for merchants that have suffered a breach of cardholder data and have been instructed that they must undertake an investigation. This process is managed by your acquiring bank and is designed for merchants who are level 3 or 4.
As regular customers of IntaForensics, I highly recommend the company for the services delivered by Damian Walton and his team. I couldn’t praise their Cyber Essentials services and support highly enough.
Ryan James, Managing Director - nFocus
With reams of sensitive personal data and transactions that involve large sums of money, the legal sector remains a huge […]Read More
Charities play a crucial role in society, providing support and relief to those who need it most in their darkest […]Read More
According to data from Egress, a ransomware attack occurs every eleven seconds. The frequency of attacks on a daily basis […]Read More