Do You Need a PCI PFI Investigation of a Credit Card Breach?

Then you came to the right place. We're fast, fair and affordable.

As one of the few PCI PFI certified firms in the world, we are experts at payment card compliance, IT security and data protection.

We are ready to start immediately, isolate the issue and help return you to compliance.


Trusted For Services By:

Miami Dade County
Perry Ellis International
United States Postal Service
Broward County, Florida

Why we're the preferred PCI PFI provider

Ready to start within 24 hours

Once an agreement is signed, our team will start the investigation immediately.

Fast, Fair and Affordable

We understand the pressure and impacts these incidents can have. We'll guide you through the process on-time and on-budget.


Been doing PCI since the standard was born

As one of the original firms to be trusted with handling this type of investigation, you could not be in better hands.

Handled large data breaches across 35+ industry verticals

We leverage our deep knowledge of data regulatory requirements across industries to help clients avoid reputational, legal and regulatory damage in multiple areas.



Frequently Asked Questions

When Do You Need a PCI PFI Investigation?

Payment card brands will sometimes require an independent investigation by a PCI PFI when a large amount of credit card fraud is tied to a single merchant ID, an indication of a possible breach.

Organizations must act quickly and work with a PCI forensic investigator to determine things such as:

  • If a breach has occurred
  • When it occurred
  • What data was compromised
  • The root cause of the attack
  • Whether the breach has been contained
  • Whether appropriate remediation steps have occurred
  • What security improvements need to be made
  • What PCI issues need to be addressed

What's involved in the PCI PFI Investigation?

In the simplest of terms, here are 6 key stages to a PCI PFI investigation:

  • Determine the Scope
    The investigation starts by determining what components of the IT environment are affected.
  • Acquire Electronic Data
    The investigator acquires and preserves evidence using a formal and documented process that is admissible in a court of law.
  • Conduct Preliminary Analysis & Interviews
    The investigator conducts forensic analysis and interviews to thoroughly understand the sequence of events that took place before, during and after the incident.
  • Prepare Initial Report
    No later than 5 business days after beginning the engagement, a preliminary investigation report must be provided to the PCI Council and major credit card brands with initial observations and findings.
  • Document Findings
    The PFI uses various techniques to independently determine the root cause of the breach, ensure it has been contained, and recommend security improvements to help prevent future attacks. The PFI also tests whether required PCI security controls are in place and operating as intended.
  • The Final Report
    Using a PCI Security Council report template, the PFI documents the forensic findings and any compliance gaps that caused or contributed to the breach. Before the report is finalized, the PFI meets with the major credit card brands and the impacted entity to present the findings and answer any questions. The goal is to ensure the breach has been contained and steps taken to improve compliance and security controls.

What Our Clients Say About Us

“Their team has demonstrated the ability to address emergencies and provide excellent services within very tight deadlines. They are an excellent group and I cannot recommend them highly enough.”

— Large Bank

“I have chosen to work with ERMProtect again and again because they are complete professionals in a crisis, deploying experienced, veteran teams rapidly that get to the bottom of what went wrong quickly.”

— Large retailer

“The company is passionate about delivering top-tier pre-breach and data breach services efficiently and at a reasonable rate. Clients get what they pay for and I have received positive feedback from existing clients regarding their experiences with ERMProtect.”

— Law Firm Shareholder

About ERMProtect

ERMProtect helps organizations fight back against cyberthreats with a powerful arsenal of solutions to mitigate legal, regulatory and reputational risk.

We rigorously test the security of IT systems, as if we were hackers ourselves. We ensure compliance with data privacy laws and standards to reduce regulatory risk. We help fix what’s broken and, if trouble comes, deploy powerful forensics.

We even tackle the human side of IT security, by training employees to recognize when they are being targeted through our proprietary ERMProtect e-learning platform.


Phone: 305-447-6750 | © 2018 ERMProtect All rights reserved.