American Express SafeKey Video and B2B tips

American Express SafeKey® leverages the global industry standard, 3-D Secure®*, to detect and reduce online fraud by adding an extra layer of security when Card Members shop online. Merchant and customer experience answers in this article.

American Express SafeKey

 

How does Amex SafeKey impact the customer shopping experience? The cardholder may have some or no difference in the checkout experience, based on many factors, including prior online shopping history. The cardholder may be asked authentication question(s) to confirm it’s really the cardholder.

How does Amex SafeKey impact merchants?

  • Fraud liability for “It wasn’t me, I didn’t authorize it” goes away as liability shifts back to the issuer.
  • For business to business, where cardholder billing and shipping address frequently vary, cardholder authentication plays an important role not available with four digit CID security code validation only.
  • At this writing, American Express merchants do not receive a specific interchange discount as may be available with other card brands.

How can merchants adopt the Amex SafeKey service?

  1. Enroll your company on the American Express web site. https://network.americanexpress.com/globalnetwork/safekey/us/en/merchants-acquirers
  2. Receive e-mail from SafeKey Certification Team with your SafeKey ID and next steps.
  3. SafeKey Certification Team gets approval from Acquirer.
  4. Acquirer and SafeKey Certification Team complete required setup.
  5. Activate 3-D Secure on the application. (Ecommerce shopping cart, payment gateway, or ERP.) Both payment gateway and application must support the service.

* 3-D Secure is a registered trademark of Visa International Service Association in the United States and other countries.

Have a question about how to add to your business? Contact CenPOS global sales and integrations reseller, Christine Speedy, 954-942-0483 for more information.

Credit Card Testing Explosion Hurts Merchants Profits

If you accept payments online, have you hardened security to protect from card testing? Card testing is a big criminal business. They’re sophisticated and use hardware and software that can send thousands of stolen credit card data in less than an hour to your payment portal or ecommerce shopping cart before you even know you’ve been hit.

Card testing can be very expensive for merchants. For every attempted authorization, merchants pay a payment gateway fee, plus a fee to the merchant services processor (acquirer).

Example:

  • $.30 per transaction gateway
  • $.10 per transaction processor
  • 20,000 cards tested @$.40= $8,000

There’s no getting back the $8,000. The gateway and processor passed the data you gave them. In the event orders are approved, there’s the additional cost of lost product shipped and the associated chargeback fee. Then there’s the cost of damaged brand reputation from cardholders who voice on social media, where it lives on forever, how their card was used unauthorized.

How can merchants protect online payments from card testers?  Google reCAPTCHA is a free service that protects your website from spam and abuse. reCAPTCHA can prevent bots from submitting a transaction that you’ll pay for.

Protecting against both bots and fraudulent transactions is tricky.

Fifteen percent of all cardholders have had at least one transaction unnecessarily declined in the previous 12 months, according to a 2015 study by Javelin.

Unnecessary declines are also called False Positives. Cardholder authentication is a layer of security to protect against fraudulent purchasing, increasing approvals and reducing False Positives. 3-D Secure is a global XML protocol for Cardholder Authentication; The card brands each has their own name- Verified by Visa, Amex Safekey, MasterCard SecureCode. Benefits of 3-D Secure include automation, shifting liability to card issuers without manual review of orders, increased approvals, and sometimes reduced Visa and MasterCard interchange fees.

Which payment gateways support recaptcha and Cardholder authentication?

reCAPTCHA is easy to implement, just check with your payment gateway provider or web developer. 3-D Secure is quick, easy and requires a few steps:

  • Confirm your payment gateway is 3-D Secure certified for your credit card processor (merchant services provider or acquirer). Ask which are certified: Verified by Visa, Amex Safekey, MasterCard SecureCode. Some have certifications, some don’t.
  • If there’s an application such as a shopping cart or e-invoicing, confirm the payment gateway integration will support 3-D Secure.
  • Contact your acquirer and ask them to register your merchant account for 3-D Secure. Some can, some can’t. It’s usually done in a day.
  • Turn on 3-D Secure in the payment gateway.

FAQ

Is there a cost for reCAPTCHA? No, it’s free from Google. If your payment gateway supports reCAPTCHA, it may just need to be activated on your account, no programming needed. Contact your payment gateway support or check their FAQ to find out.

Is there a cost to register for 3-D Secure? That’s up to the individual company doing the registration. Costs start at $0.

Is there an ongoing cost to use 3-D Secure? Yes, and it’s up to the individual company offering the service. Costs typically range from $.075 to $.30 per attempted authorization.

If hit by a card tester, can I negotiate to reduce fees? It’s unlikely because services were delivered as per your agreements.

Christine Speedy, authorized CenPOS reseller, provides universal payment processing solutions, including reCAPTCHA and 3-D Secure cardholder authentication, to maximize merchant profits and mitigate risk across multiple sales channels. Contact Christine at 954-942-0483. 

American Express Launches SafeKey to Help Protect Merchants and Cardmembers from Online Fraud

American Express’ adoption of Visa’s 3-D Secure Protocol for SafeKey adds momentum for 3-D Secure as a global industry standard for internet authentication.

LONDON,  November 5, 2010 — 

American Express today announced the launch of American Express SafeKey(SM) , an online fraud prevention solution, licensing Visa’s 3-D Secure Protocol.

3-D Secure is the technology that powers authentication services provided by payment brands around the world. It continues to be embraced by the payments industry as a global standard for payment authentication. American Express, a global payments network, will adopt 3-D Secure for Internet payment authentication, joining Visa and other international payment brands in endorsing a technology standard for secure Internet payment.

“American Express is committed to combating fraud for our merchants and cardmembers who transact online. American Express SafeKey is a new tool that will augment our fraud prevention solutions,” said Suzan Kereere, Senior Vice President of Global Network Operations for American Express. “As part of our commitment to global technology standards, American Express SafeKey was designed using 3-D Secure specifications to ensure industry-consistent processes and functionality.”

“We are pleased with American Express’ decision to license the 3-D Secure Protocol and we think this is a positive development for the industry and eCommerce. This reaffirms the position of 3-D Secure as the Internet authentication standard of choice,” said Jim McCarthy, Global Head of Product for Visa.

Visa and American Express support the development of global, open standards and recognize that a global authentication standard supports the continued growth of e-commerce. Visa continues to work with other industry leaders to accelerate the global adoption of 3-D Secure and welcomes industry participation in further expanding the global deployment of the 3-D Secure specification for Internet security and authentication. Using open authentication standards is an important and welcome step for the payments industry and the online marketplace.

American Express will enable SafeKey in Singapore and the UK on 8 November 2010 and begin working with merchants and card issuers in these markets to roll out the technology.

About American Express SafeKey
American Express SafeKey is a fraud prevention solution specifically designed to help protect American Express merchants and Cardmembers from fraudulent online transactions. The tool helps reduce unauthorized online use before it happens by confirming the Cardmember’s identity with an additional password. Cardmembers enroll in the authentication program through their card issuing bank to receive an added layer of protection. Participating merchants display the American Express SafeKey logo during online checkout offering shoppers an extra layer of security.

About American Express
American Express is a global services company, providing customers with access to products, insights and experiences that enrich lives and build business success. Learn more at americanexpress.com and connect with us on facebook.com/americanexpress, twitter.com/americanexpress and youtube.com/americanexpress.

About Visa
Visa is a global payments technology company that connects consumers, businesses, financial institutions and governments in more than 200 countries and territories to fast, secure and reliable digital currency. Underpinning digital currency is one of the world’s most advanced processing networks – VisaNet – that is capable of handling more than 10,000 transactions a second, with fraud protection for consumers and guaranteed payment for merchants. Visa is not a bank and does not issue cards, extend credit or set rates and fees for consumers. Visa’s innovations, however, enable its financial institution customers to offer consumers more choices: pay now with debit, ahead of time with prepaid or later with credit products. For more information, visit www.corporate.visa.com.

3-D Secure is a registered trademark of Visa International Service Association in the United States and other countries.