Frequently Asked Question
Where should reports be sent when the PFI investigation has concluded there is no evidence of a breach?
Where the entity under investigation is a merchant, all completed work products (e.g. Preliminary and Final reports) must be distributed to all participating payment brands accepted by the merchant. Where the entity under investigation is a service provider, all completed work products must be distributed to all participating payment brands whose products the service provider handles.
Please contact the PFI Program Manager at PFI@pcisecuritystandards.org for further information.
Please contact the PFI Program Manager at PFI@pcisecuritystandards.org for further information.
November 2018
Article Number: 1460
