Fraud Prevention

  1. Resources
  2. Fraud Prevention
  3. American Express SafeKey

American Express SafeKey

American Express SafeKey

American Express SafeKey: How 3-D Secure Works on the Amex Network

American Express SafeKey is an Amex-specific security solution that leverages 3-D Secure technology to detect and reduce online fraud. SafeKey provides an extra layer of security when consumers shop through web browsers or in-app using their Amex card.

How does it benefit your business, though?

This article will examine American Express SafeKey. We’ll examine how Amex implements the technology, discuss some of the benefits SafeKey offers, and weigh them against potential downsides of the tool.

What is 3-D Secure Technology?

Let’s start with the basics.

3-D Secure is a customer authentication protocol created for eCommerce. The system is used to validate buyers at checkout, creating an additional layer of security for online transactions. Card networks recommend that both issuing banks and merchants support the protocol.

You can enroll in 3DS programs through each card brand. If you’re uncomfortable doing this yourself, contact your processor or merchant account provider to see if they offer 3DS and can help you deploy it in your eCommerce store. Some third-party providers can help you implement 3-D Secure verification as part of a chargeback management plan.

Learn more about 3-D Secure
American Express SafeKey

The 2021 Chargeback Field Report

The 2021 Chargeback Field Report is now available. Based on a survey of over 400 US and UK merchants, the report presents a comprehensive, cross-vertical look at the current state of chargebacks and chargeback management.

Free Download

How American Express SafeKey Uses 3DS Tech

SafeKey is a 3-D Secure service specific to Amex that leverages real-time authentication software to verify card users before a transaction. This data is used to detect stolen cards, identify unauthorized users, and thwart fraud attempts before a transaction can be processed. This technology aims to help merchants improve their anti-fraud and chargeback prevention efforts.

Approved transactions with American Express SafeKey work like this:

Phase 1 | Authentication Requested

When a customer inputs their card information to make a purchase, this data is processed through Amex SafeKey. The technology evaluates the cardholder based on their login credentials, location, and transaction history to determine the likelihood of a fraudulent transaction. This entire process occurs in just seconds.

Phase 2 | Approval

If the cardholder’s credentials check out, SafeKey’s algorithm will approve the transaction in real-time. After being authenticated and authorized, the cardholder will be seamlessly directed to the confirmation page without delay.


What if the credentials provided by the buyer don’t check out, though? Transactions declined by American Express SafeKey work like this:

Phase 1 | Authentication Requested

Same as above, the cardholder submits credentials that run through SafeKey for verification. The technology evaluates the cardholder to determine the likelihood of a fraudulent transaction. Again, this entire process occurs in just seconds.

Phase 2 | Verification Email Trigger

Suppose the SafeKey algorithm cannot authenticate the cardholder’s credentials. In that case, the cardholder will be sent a temporary passcode via email or SMS that they can input into a pop-up field. This tends to happen if the cardholder is doing anything outside the norm, like buying in a far-flung locale that's thousands of miles from home. It may also happen if their identity cannot be verified, or they misspelled anything during the verification process.

Phase 3 | Transaction Decline

Suppose the passcode is not imputed correctly by the individual attempting to initiate the transaction or the code times out. In either case, the transaction will be denied, and an email explaining the reason for the decline will be sent to the cardholder.

3DS technology can stop many fraud attacks. But…what about those it can’t stop?

REQUEST A DEMO

It’s important to recognize that most genuine cases of credit card fraud result from card information being bought and sold on the dark web. Fraudsters use card details acquired through data breaches, phishing attacks, identity theft, and ATO fraud to commit all sorts of criminal acts.

Credit card numbers alone are not a foolproof method to commit fraud. In fact, many scammers buy their stolen card numbers in bulk and try as many as they can at a time, hoping one will work where ten might fail. Therefore, merchants who implement 3DS services in tandem with their regular fraud prevention systems can really make it difficult for the fraudster.

Benefits of American Express SafeKey

According to Amex, SafeKey 2.0 enables merchants and issuers to exchange detailed information, helping reduce fraud and minimize the need for a one-time passcode. This improves the user experience and helps prevent shopping cart abandonment.

Building consumer confidence can help expand your market reach. Enhanced fraud protection through SafeKey may encourage online customers to spend more and help grow your business. It can:

Reduce Fraud Liability

Amex SafeKey transfers liability for fraud chargebacks on SafeKey-authenticated and attempted transactions onto the issuer. It also works alongside other tools to manage fraud.

Increase Profitability

Amex SafeKey helps customers feel more secure about online purchases, potentially increasing their confidence to spend.

Reduce Shopping Cart Abandonment

The tool lets Amex use additional data elements already part of the checkout process to authenticate a users without a challenge (requesting the card member prove their identity, e.g., by using a One-Time Passcode). This reduces friction, leading to higher conversion.

Potential Downsides to SafeKey

American Express SafeKey is a vast improvement over earlier fraud prevention tools. Unfortunately, there is still no such thing as a “foolproof” fraud prevention solution.

Programs like SafeKey can introduce friction at the secondary approval stage that can interrupt customers’ checkout process due to overly sensitive fraud triggers. As a consequence, some legitimate customers might be put off by the additional security measures and ultimately abandon their carts. Merchants should be aware that this happens often enough that friction will likely be an issue.

American Express SafeKey

50 Insider Tips for Preventing More Chargebacks

In this exclusive guide, we outline the 50 most effective tools and strategies to reduce the overall number of chargebacks you receive.

Free Download

Additionally, all programs using 3DS are still largely ineffective against friendly fraud and other forms of first-party abuse. Since friendly fraud is a post-transactional act committed by the actual cardholder, 3DS will be rendered useless in these cases. This is a serious concern because friendly fraud accounts for the bulk of merchant chargebacks.

So, how can merchants combat these concerns and still get the most out of 3DS technologies like Amex SafeKey? The answer is to adopt a broader strategy to mitigate fraud.

3DS: A Smart Addition to Any Fraud Prevention Strategy

3-D Secure 2.0 technologies like American Express SafeKey work best as part of a multilayer fraud and chargeback management strategy.

Incorporating 3DS into a multi-faceted anti-fraud system can stop many fraud attacks in their tracks. Most fraudsters are unlikely to have all the data they need to combat these systems working in tandem with each other. That said, redundancies give you a tighter screening net, letting you identify more fraud attacks and generate better data.

Using the Right Tools

Implementing the right tools, along with smart chargeback prevention and risk mitigation coverage, can drastically improve your odds against friendly fraud and other post-transactional fraud.

Learn about fraud detection tools

Fraud Scoring

Your fraud detection tools should be backed by fraud scoring, allowing you to decline risky transactions automatically. This will go a long way to help protect your business against fraud and chargebacks.

Learn more about fraud scoring

American Express SafeKey is available to EMV-certified merchants (who can provide written certification verification) and PCI-DSS compliant. For true risk mitigation, though, you need a customized, end-to-end solution that can deploy the right tools and tactics where they will do the most good.

If you’re interested in learning more about 3-D Secure—or any other aspect of chargeback management—contact Chargebacks911® today. We can show you how to take chargebacks off your plate and increase your ROI.


Prevent Chargebacks.

Fight Fraud.

Recover Revenue.

Embed code has been copied to clipboard