American Express SafeKey®

Partner with American Express to grow your online business while protecting against online fraud.

Overview

The growth of digital commerce has placed greater emphasis on Merchants and Issuers to enhance their fraud prevention techniques while ensuring their customers can transact quickly and easily on whatever device they choose.

 

American Express SafeKey 2.0 is a security solution that leverages the global industry standard, EMV® 3-D Secure, to detect and help reduce online fraud—providing an extra layer of security when consumers shop through web browsers or in-app.

 

SafeKey 2.0 enables Merchants and Issuers to exchange detailed information, which helps reduce fraud and minimize the need for a one-time passcode—improving the user experience and reducing shopping cart abandonment.

 

Building consumer confidence can help expand your market reach. Enhanced fraud protection through SafeKey may encourage online customers to spend more and help grow your business. Enroll in SafeKey today!

 

EMV® is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo.

Benefits

Merchants

Reduce Fraud Liability

  • Transfers liability for fraud chargebacks on SafeKey authenticated and attempted transactions to the Issuer
  • Works alongside other tools to manage fraud

Increase Profitability

  • Helps customers feel more secure about online purchases potentially increasing their confidence to spend

Reduce Shopping Cart Abandonment

  • Allows Issuers to use additional data elements already part of the checkout process to authenticate a Cardmember without a ‘challenge’* reducing friction, leading to a higher conversion of sales

*A ‘challenge’ is when an Issuer can request the Cardmember to prove his/her identity, e.g. by use of a One-Time Passcode (OTP).

Issuers

Reduce Fraud

  • Helps lower fraud with an extra layer of security

  • Leverages richer data to make smarter, more sophisticated risk decisions

Increase Sales

  • Helps increase Cardmember confidence by reducing friction leading to reduced
    cart abandonment

Authenticate Securely

  • Richer data allows targeting of higher risk transactions where stronger customer authentication would be beneficial

  • Supports a variety of Cardmember authentication methods, including one-time passcodes, biometrics, and out-of-band

Cardmembers

  • Helps protect against the fraudulent use of Cardmember details

  • Simplifies enrollment as Issuers will do this automatically for Cardmembers

  • Expands protection of SafeKey from web browsers to include in-app purchases

SafeKey 1.0/2.0 Comparison

Features SafeKey 1.0 SafeKey 2.0
SafeKey 2.1(EMV 2.1.0) SafeKey 2.2(EMV 2.2.0)
Based on industry-standard 3-D Secure
Extra layer of security at checkout
Payment authentication
Browser-based authentication
Flexibility for Issuers to use a variety of authentication methods (i.e. one-time passcodes, risk-based decisioning, etc.)
Support for PSD2 compliance
Support for more data elements promoting frictionless authentications Available in the US and its territories
App-based (in-app) enablement
Nonpayment authentication
Token-based transactions
Out-of-band authentication
Merchant initiated authentications
Decoupled authentication
PSD2 additional indicators
Note: Some of these features may require additional certification.

How It Works

Enrollment and Implementation

Merchant & Wallet Provider

  1. Engage 3DS Server (MPI) Provider. (To request a provider list in French, please contact amexenabled@aexp.com)

  2. Click here to complete SafeKey enrollment form

    Enroll
  3. Receive email from SafeKey Merchant Enrollment Team with next steps

  4. SafeKey Merchant Enrollment Team seeks approval from Acquirer

  5. Merchant, Acquirer, 3DS Server (MPI) Provider and SafeKey Merchant Enrollment Team complete required technical setup

  6. Receive email notification of SafeKey ID when process is complete

SDK

A Merchant’s app processes SafeKey transactions using a Software Development Kit (SDK).  SDK Providers are required to enroll with American Express to provide proof of their EMVCo certification.

  1. Click here to register your company with the AMEX Enabled Program

  2. Confirmation email contains link to enrollment form

  3. Complete enrollment form, provide your EMVCo SDK Reference Number

  4. Enroll users to access the AMEX Enabled Dashboard

  5. Access security certificates from AMEX Enabled

ACS & 3DS Server (MPI) Provider

  1. Click here to register your company with the AMEX Enabled Program

  2. Confirmation email contains link to product enrollment form

  3. Complete product enrollment form

  4. Enroll one or more users to access the AMEX Enabled Dashboard

  5. Log in to the AMEX Enabled Dashboard to access certification documentation

  6. Access SafeKey Test Lab from AMEX Enabled to complete testing and certification of your solution

Acquirer

Please contact your American Express representative if you would like to certify for SafeKey.

Issuer

Please contact your American Express representative if you would like to certify for SafeKey.