The security that offers protection for your online business
An online security tool that protects businesses and helps them prosper
American Express SafeKey® is a 3-D Secure® authentication tool that reduces online fraud by confirming the Cardmember’s identity with an additional password. Whether you’re a Merchant or an Acquirer, with American Express SafeKey®, you can leverage existing 3-D Secure® technology to minimise fraud through a consumer-friendly solution.
There are several ways SafeKey® can help Merchants optimise operational efficiency and increase profits
Merchants can transfer the liability for chargeback losses from applicable transactions to the issuing bank with the Fraud Liability Shift (FLS) Policy. That means Merchants are not liable for losses on eligible transactions authenticated by the issuing bank in SafeKey®-enabled markets.
Our solution may decrease the number of chargebacks Merchants have, lowering the need for a resource dedicated to chargebacks.
SafeKey® works alongside existing fraud tools to validate a Cardmember’s identity.
Put customers at ease and increase their confidence by reassuring them you are taking extra steps to combat fraud.
Merchants may increase profits
Increase consumer confidence by reassuring them you are taking extra steps to combat fraud.
Put customers at ease.
Make customers feel comfortable spending more with you, potentially increasing existing spend and attracting new customers.
SafeKey® works with your current infrastructure
Key Steps to Start Using SafeKey
Select a certified 3DS Server Provider (see www.amexenabled.com for a list of providers who are certified for SafeKey®)
Work with your 3DS Server to complete technical set-up for SafeKey®
Ensure the SafeKey® logo is visible on your website and on the checkout/payment page
For enquiries, contact your American Express Merchant Relationship Manager, or email MerchantSafeKey@americanexpress.ae
FAQs
Select a certified 3DS Server Provider (see www.amexenabled.com for a list of providers who are certified for SafeKey®)
Work with your 3DS Server to complete the technical setup for SafeKey®
Ensure the SafeKey® logo is visible on your website and at checkout
Contact your American Express Middle East Merchant Relationship Manager or email MerchantSafeKey@americanexpress.ae if you have any questions
Select a certified 3DS Server Provider (see www.amexenabled.com for a list of providers who are certified for SafeKey®)
Work with your 3DS Server to complete the technical setup for SafeKey®
Ensure the SafeKey® logo is visible on your website and at checkout
Contact your American Express Middle East Merchant Relationship Manager or email MerchantSafeKey@americanexpress.ae if you have any questions
Technically, SafeKey® can be switched off by the Merchant. However, please note that the intention of SafeKey® is to reduce instances of online Card fraud. As such, American Express does not recommend turning off SafeKey® at any time in accordance with guidelines.
Technically, SafeKey® can be switched off by the Merchant. However, please note that the intention of SafeKey® is to reduce instances of online Card fraud. As such, American Express does not recommend turning off SafeKey® at any time in accordance with guidelines.
During checkout, the Cardmember inputs their payment method as American Express and provides the Card number.
The Merchant Plug-in ("MPI") component running at the Merchant will communicate with the American Express Directory Server to determine if the American Express Card is enrolled in American Express SafeKey®.
The American Express Directory Server will communicate with the Card Issuer to determine if the Card is enrolled in the service.
The Issuer will respond with a status of "Y" if the Card is enrolled, along with a URL where the Cardmember needs to be sent for authentication (the Authentication Site).
The Merchant application will automatically redirect the Cardmember to the Authentication Site.
At the Authentication Site, the Issuer will display the password page where the Cardmember will input the password. The Issuer will send a response to the Merchant with the authentication result. For security, the message will be digitally signed.
The MPI will validate the signature and advise the Merchant of the authentication result.
The Merchant can approve or decline the transaction based on the authentication result.
During checkout, the Cardmember inputs their payment method as American Express and provides the Card number.
The Merchant Plug-in ("MPI") component running at the Merchant will communicate with the American Express Directory Server to determine if the American Express Card is enrolled in American Express SafeKey®.
The American Express Directory Server will communicate with the Card Issuer to determine if the Card is enrolled in the service.
The Issuer will respond with a status of "Y" if the Card is enrolled, along with a URL where the Cardmember needs to be sent for authentication (the Authentication Site).
The Merchant application will automatically redirect the Cardmember to the Authentication Site.
At the Authentication Site, the Issuer will display the password page where the Cardmember will input the password. The Issuer will send a response to the Merchant with the authentication result. For security, the message will be digitally signed.
The MPI will validate the signature and advise the Merchant of the authentication result.
The Merchant can approve or decline the transaction based on the authentication result.
No.
No.
An American Express SafeKey® authentication attempt occurs when a Merchant requests to authenticate the Cardmember but the Cardmember or Issuer has not been enrolled in the SafeKey® programme, and both the Merchant and Issuer are in SafeKey®-designated markets. In this scenario, valid authentication data [e.g., American Express Verification Value ("AEVV") and Electronic Commerce Indicator ("ECI")] value will be required in the Authorisation and Submission messages as evidence of the attempt.
An American Express SafeKey® authentication attempt occurs when a Merchant requests to authenticate the Cardmember but the Cardmember or Issuer has not been enrolled in the SafeKey® programme, and both the Merchant and Issuer are in SafeKey®-designated markets. In this scenario, valid authentication data [e.g., American Express Verification Value ("AEVV") and Electronic Commerce Indicator ("ECI")] value will be required in the Authorisation and Submission messages as evidence of the attempt.
No. Merchants can only obtain FLS on fully authenticated SafeKey® charges. For non-authenticated SafeKey® charges, or standard e-commerce charges, the standard Card Not Present Card acceptance policy applies and the Merchant is liable if the Cardmember later disputes the charge.
No. Merchants can only obtain FLS on fully authenticated SafeKey® charges. For non-authenticated SafeKey® charges, or standard e-commerce charges, the standard Card Not Present Card acceptance policy applies and the Merchant is liable if the Cardmember later disputes the charge.
For Additional information on which market standard specifications currently support American Express SafeKey®, Merchants may contact their American Express Middle East Relationship Manager, or email MerchantSafeKey@americanexpress.ae
For Additional information on which market standard specifications currently support American Express SafeKey®, Merchants may contact their American Express Middle East Relationship Manager, or email MerchantSafeKey@americanexpress.ae
For additional details, Merchants can contact their American Express Middle East Merchant Relationship Manager, or email MerchantSafeKey@americanexpress.ae
For additional details, Merchants can contact their American Express Middle East Merchant Relationship Manager, or email MerchantSafeKey@americanexpress.ae
In order to be eligible for the Fraud Liability Shift a Merchant must:
Use all other American Express online fraud prevention tools available in their market
Utilize SafeKey®
Maintain a Fraud-to-Gross (FTG) level of 1% or less for all SafeKey® transactions
In order to be eligible for the Fraud Liability Shift a Merchant must:
Use all other American Express online fraud prevention tools available in their market
Utilize SafeKey®
Maintain a Fraud-to-Gross (FTG) level of 1% or less for all SafeKey® transactions