PCI Security Standards Council®

PCI Forensic Investigator Training

In the event of an actual or suspected attack, compromise or vulnerability affecting payment card transactions or cardholder data, a forensic investigation may be required. Forensic investigation of credit card data can be challenging and complex, requiring forensic investigators with highly specialized skills, proven staff and experience, and the capacity for rapid response.

Prior to the PFI Program, Participating Payment Brands maintained separate requirements for forensic investigators for such events, and the process of selecting or being qualified as an investigator could be complicated and cumbersome, especially when the Security Issue in question affected multiple Participating Payment Brands.

In an effort to help ensure that each PFI Company and PFI Employee possesses the requisite knowledge, skills, experience and capacity to perform PFI Investigations in a proficient manner in accordance with industry expectations, each PFI Company and each PFI is required at all times to satisfy all applicable PFI Qualification Requirements, including PCI SSC required training.

Registration Process

Candidates for PFI qualification must currently work for an active and approved PFI Company that is listed on the PCI website and meet all qualifications outlined in section 3.3 of the PFI Program Qualification Requirements.

Step 1 - Review

Refer to the PFI Qualification Requirements for complete program description and requirements and to confirm that you are well suited for the program.

Next, discuss your eligibility with your firm's primary contact:

  • The Primary Contact can log into the PCI portal and complete the registration enrollment online (See step 2)

Step 2 - Apply

  • Submit PFI registration form
  • After we receive your registration, we will notify you once you have been enrolled in the course.
  • Applicants will be notified via email of their application status within 4 days of submitting their fully completed application.
  • Following the approval of application, a training invoice will be emailed within 2-3 business days
  • Submit payment

Step 3 - Train

Upon receipt of payment:

  • You will receive a link to access the eLearning course.
  • You will have 90 days from the day you receive the link to complete the course and take the exam.
  • You will also receive a separate email from Pearson VUE with credentials and complete instructions on how to schedule your exam.

Step 4 - Activate

Pass/Fail results are provided immediately following the conclusion of the exam.
Passing candidates will receive a Certificate of Qualification via email and will be added to the Council's website listing of PCI Forensic Professionals (PFI).

Course Details

Overview

PCI Forensic Investigator (PFI) training is a two-part program. The first part is a seven-hour prerequisite course and exam on PCI Fundamentals. It is followed by an in-depth course, delivered in online eLearning format, and an exam.

Part 1 - PCI Fundamentals

PCI Fundamentals assures that all candidates taking the PFI training course have the same baseline understanding. The PCI Fundamentals course must be completed within thirty days of initial access. This prerequisite course covers:

  • Understanding the Payment Card Industry Security Standards Council and its role
  • Defining the processes involved in card processing
  • PCI roles and responsibilities
  • Understanding cardholder data
  • Defining network segmentation
  • PCI DSS assessments

Part 2 – PFI Training

Candidates who successfully complete the prerequisite PCI Fundamentals course may move on to the PFI qualification course. This course builds on the knowledge gained in PCI Fundamentals and delves into the actual PCI DSS requirements, brand reporting, compliance reports and more. The PCI Forensic Investigator course covers:

  • What is PCI and what does it mean to companies that must meet compliance with the DSS?
    • Industry overview
    • Terminology
    • Transaction data flow
    • Relationships between various organizations in the process
  • How the credit card brands differ in their validation and reporting requirements
  • PCI Data Security Standard (DSS)
    • Overview of each requirement
    • Testing procedures
    • What constitutes compliance
  • PCI Hardware and Communications Infrastructure
  • PCI Forensic Reporting
  • Overview of compliance issues and mitigation strategies
  • Compensating controls
  • Creating policies
  • Modifying cardholder data environment

Training Formats

PCI Forensic Investigator (PFI) course content is delivered via:

eLearning:

This self-paced, six-hour eLearning course offers:

  • Flexible scheduling 24/7/365
  • Learn from your home or office
  • Reduced travel costs and time away from work
  • Provides individuals in any country an opportunity to train for and take the exam at their convenience and at a location close to home or work.

You will receive a link to access the eLearning course. You will have 90 days from the day you receive the link to complete the course and take the exam. You will also receive a separate email from Pearson VUE with credentials and complete instructions on how to schedule your exam.

Exam

The qualification exam is administered at a Pearson VUE Test Center. You will have 90 minutes to complete 75 multiple-choice questions. No electronic devices may be used during the closed-book exam.

Scheduling the Exam

  • All scheduling/rescheduling is done via Pearson VUE’s online scheduling system – you select the test location, date and time most convenient for you.
  • You will receive an email containing instructions and a voucher to schedule your exam within 2-3 business days of payment processing.
  • If you choose the eLearning Course, the exam must be completed within a 90-day test window.

Exam Results and Next Steps

  • The Primary Contact at the PFI Company will be notified of results. Employees who fail may retake the training and exam, upon payment of a $165 re-test fee. Passing candidates will receive a Certificate of Qualification via email within 2-3 business days.

Requalification Requirements

In order to maintain the high standards set for this qualification, all PFIs must requalify annually to maintain their status and remain listed on the PCI website.

Requalification requirements help ensure that PFIs remain current with technical and industry changes and demonstrate professionalism. To maintain active qualification status, PFIs must:

  • Maintain all incident response certifications
  • Achieve a passing score on the PFI requalification exam (or maintain QSA employee qualification)

Requalification Process

The Council emails courtesy reminders 90 days in advance of your qualification expiry date. To complete the requalification process:

For PFI Requalification only:

  • PFI Primary contact logs into portal and assigns PFI to PFI Requalification training session
  • Requalification registration must be submitted prior to the expiry date and a passing score must be achieved on the exam no later than 14 days after the expiry date
  • CPEs are not required to maintain the PFI only qualification
  • An invoice will be emailed within 2-3 business days
  • You will receive an email containing instructions and credentials to complete the requalification exam within 2 business days of payment processing
  • Once you successfully pass the exam, a new certificate will be emailed and you’ll be listed on the PCI website as a PCI Forensic Investigator (PFI) for the following year

For QSA and PFI Requalification:

  • The required CPE hours and a requalification registration must be submitted prior to the expiry date and a passing score must be achieved on the exam no later than 14 days after the expiry date.
  • For your convenience, CPE hours can be tracked and stored in the PCI portal at any time
  • Once the required number of CPE hours has been recorded, select a requalification option and submit your registration
  • An invoice will be emailed within 2-3 business days
  • You will receive an email containing instructions and credentials to complete the requalification exam within 2 business days of payment processing
  • Once you successfully pass the exam, a new certificate will be emailed and you’ll be listed on the PCI website as a PCI Forensic Investigator (PFI) for the following year

Right for you?

If you have experience in any of these areas and are an approved Qualified Security Assessor (QSA), consider the PFI Qualification:

  • Security/Technology
  • Compliance/Risk/Governance
  • e-Commerce
