Payment Forensics (PFI) - PCI-Secure - The New Name for PTP Consulting

Home > Digital Forensics > Payment Forensics (PFI)

Under the PCI DSS (Payment Card Industry Data Security Standard), merchants and payment service providers can be fined if they are a victim of a data compromise or are found to be non-compliant with the PCI standard. Additionally, the Information Commissioner’s Office (ICO) is also able to impose substantial fines for breaches of the Data Protection Act (DPA). Therefore, the sooner an organisation prevents or reacts to a potential compromise of sensitive data, the more chance it has of mitigating the reputational fall-out, brand damage and subsequent financial penalties.

In such cases, the merchant or payment service provider responsible for being the “common point of purchase” must conduct a forensic investigation, in order to immediately isolate the fraudulent flow of data and to take steps to become or regain PCI compliance.

As one of the UK’s leading PCI Forensic Investigators (PFIs) and one of only a limited number of globally approved PFIs, PCI-Secure are experts in the investigation of payment card related data breaches and as a result of that exposure to a comprehensive number of cases, scenarios and different investigations, our team have established a pedigree of experience and credibility unrivalled in the industry.

We have been actively involved in conducting payment card investigations for the acquiring banks and credit card brands since 2007. Our staff are fully trained in forensic incident response procedures and investigation techniques and as a result, are able to help our clients react to and recover from an ongoing cyber data breach, whilst also assisting the client with the burden of communicating to the acquiring banks, credit card brands and external stakeholders.

PCI-Secure have extensive experience of conducting forensic and cyber incident response investigations for a wide range of organisations across all business sectors including multi-national gaming companies, PCI DSS level one merchant retailers, Internet retailers, payment service providers, hosting companies, hoteliers, banking and financial services organisations. In addition, we also provide services to and work in conjunction with law-enforcement agencies, the ICO and law firms within the legal/litigation sector.