9.5 Card security features
9.11.1 electronic verification services
Electronic verification services offer a cost-effective way to help mitigate the risk of fraud at the point of sale. These services allow you to compare information provided by the customer with information about the Cardmember not available on the Card, thereby allowing you to make a more informed decision about the validity of the Charge prior to completion of the purchase.
9.11.1.1 Card identification (CID) verification
Sensitive authentication data such as the CID Number must not be stored after Authorization even if it has been encrypted. See section 8.3, “standards for protection of Cardmember information” for additional information.
Merchants who utilize the CID Verification tool for In-Person Charges may also qualify for the Keyed No Imprint Program. See subsection 4.6.1, “keyed no imprint program.”
description: The Card Identification (CID) Verification tool helps mitigate fraud on keyed and swiped Charges. The CID Number is associated with each individual Card. Merchants request the four-digit CID Number printed on the Card from the customer at the time of purchase and then submit the CID Number with the Authorization request. Verification of the CID Number is one method to authenticate whether an individual making a purchase has possession of the Card.
CID
The Card Identification (CID) is a four-digit (flat) number that is printed on every American Express Card. The CID Number is usually located above the Card Number on the face of the Card.
purpose: Because the CID Number is associated with each individual Card, prompting for the CID Number authenticates the Card.
- Requesting the CID Number for Card Not Present Charges helps to determine that the person placing the order actually has the Card in his or her possession.
- Requesting the CID Number for Card Present Charges helps to determine that the person making the purchase is not using an altered or counterfeit Card.
requirements: To utilize this tool, you must:
- capture the CID Number and enable your Point of Sale System to be able to receive a CID response code. If you receive an “invalid CID Number” Decline, or a “no match” response code, then re-prompt the person making the purchase to re-enter the correct CID Number.
- add systematic editing and monitoring abilities to prevent unlimited and repetitive (more than two) entries of the CID Number.
- monitor and maintain a high positive match rate.
Training is recommended to minimize incorrect entries of the CID Number. Training materials are available for sales and/or telephone order representatives. To obtain these materials, see our website at: www.americanexpress.com/fraudinfo.
how it works: You obtain the four-digit CID Number and send it with the Authorization request. The Issuer compares this CID Number with that on file for the Card and, based on the comparison, returns a response code to your Point of Sale System. If the customer provides a valid three-digit Card security code and you send it with the Authorization request, you will receive a response code as well.
Check with your Processor, Terminal Provider or, if you have a direct link to American Express, your American Express representative to determine the codes that will be returned to your Point of Sale System. Use the code received to assess the level of risk and determine whether to complete the Charge.
industry: Appropriate for Card Present and Card Not Present Charges.
implementation: To implement this tool, work with your Processor, Terminal Provider, or if you have a direct link to American Express, your American Express representative.
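The CID requirements and flow above (edit check, re-prompt on a no-match, no more than two entries, match-rate monitoring, no CID retained after Authorization), sketched as an added example that is not part of the original guide. The response-code strings and the prompt_cid and send_auth hooks are hypothetical; the actual codes come from your Processor or Terminal Provider.

```python
from dataclasses import dataclass

MAX_CID_ENTRIES = 2  # the guide's limit: no more than two entries per Charge
# Hypothetical response codes; the real values come from your Processor.
MATCH = "CID_MATCH"
REPROMPT_CODES = {"CID_NO_MATCH", "CID_INVALID_DECLINE"}
LOCAL_REJECT = "LOCAL_FORMAT_REJECT"  # hypothetical marker for a failed edit check


@dataclass
class CidMonitor:
    """Running positive-match rate across issuer CID responses."""
    checked: int = 0
    matched: int = 0

    def record(self, code: str) -> None:
        self.checked += 1
        self.matched += int(code == MATCH)

    def match_rate(self) -> float:
        return self.matched / self.checked if self.checked else 1.0


def well_formed(cid: str) -> bool:
    # Edit check before sending: ASCII digits only, four long (the guide also
    # mentions a three-digit Card security code, so three is accepted).
    return cid.isascii() and cid.isdigit() and len(cid) in (3, 4)


def verify_cid(charge_id, prompt_cid, send_auth, monitor):
    """prompt_cid() returns the keyed entry; send_auth(charge_id, cid)
    returns the issuer's CID response code. Both are hypothetical hooks.
    The returned record holds response codes only, never the CID itself."""
    codes = []
    for _ in range(MAX_CID_ENTRIES):
        cid = prompt_cid()
        if well_formed(cid):
            code = send_auth(charge_id, cid)
            monitor.record(code)
        else:
            code = LOCAL_REJECT  # counted as an entry, never sent
        del cid  # drop the reference so nothing below can log or persist it
        codes.append(code)
        if code != LOCAL_REJECT and code not in REPROMPT_CODES:
            break  # match, or a code that re-prompting cannot change
    limit_hit = codes[-1] != MATCH and len(codes) == MAX_CID_ENTRIES
    return {"charge": charge_id, "cid_codes": codes, "entry_limit_hit": limit_hit}
```

The returned record is an input to the risk decision on the Charge, not the decision itself; a falling match_rate() is the signal to revisit training or entry handling.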
9.11.1.2 zip code verification
description: The Zip Code Verification tool compares the billing zip code provided by the customer with the Cardmember’s billing zip code on file with the Issuer.
purpose: The Zip Code Verification tool helps Merchants evaluate the validity of a Charge by comparing information provided by the customer at the point of sale with information about the Cardmember not available on the Card.
how it works: The customer is prompted to enter his or her billing zip code at the point of sale.
The Merchant supplies this information in the Authorization request, through the Merchant’s Point of Sale System. The Issuer compares the billing zip code entered with that on file for the Cardmember and, based on the comparison, returns a response code to the Merchant.
Merchants should incorporate the response from the Issuer into their risk assessment process and determine whether to complete the Charge.
Check with your Processor, Terminal Provider, or if you have a direct link to American Express, your American Express representative to determine the codes that will be returned to your Point of Sale System.
industry: Appropriate for all Card Not Present and Card Present Charges; optimal when your customers swipe their Card through your Point of Sale System.
implementation: To implement this tool, work with your Processor, Terminal Provider, or if you have a direct link to American Express, your American Express representative.
9.11.1.3 automated address verification
We recommend you utilize AAV with the Authorization request. In doing so, you will receive a match response based on the AAV data sent, in addition to the Authorization response.
description: The Automated Address Verification tool compares the billing name, street address, and zip code provided by the customer with the Cardmember’s billing information on file with the Issuer.
purpose: The Automated Address Verification tool helps Merchants evaluate the validity of a Charge by comparing information provided by the customer at the point of sale with information about the Cardmember not available on the Card.
how it works: The Merchant requests information from the customer at the point of sale, including all or any of the following:
- name
- billing address
- zip code
The Merchant supplies this information in the Authorization request, through the Merchant’s Point of Sale System. The Issuer compares the information provided by the Merchant with the Cardmember’s records, and returns a response code.
The Merchant should use the AAV response code from the Issuer to assess the level of risk and determine whether to complete the Charge.
Check with your Processor, Terminal Provider, or if you have a direct link to American Express, your American Express representative to determine the codes that will be returned to your Point of Sale System.
industry: Appropriate for all Card Not Present Charges.
implementation: To implement this tool, work with your Processor, Terminal Provider, or if you have a direct link to American Express, your American Express representative.
9.11.1.4 telephone number verification
description: The Telephone Number Verification tool compares the telephone number information provided by the customer with that on file with the Issuer.
purpose: The Telephone Number Verification tool helps Merchants evaluate the validity of a Charge by comparing information provided by the customer at the point of sale with information about the Cardmember not available on the Card.
how it works: The Merchant requests telephone number information from the customer at the point of sale.
The Merchant supplies this information in the Authorization request, through the Merchant’s Point of Sale System. The Issuer compares the information provided by the Merchant with the Cardmember’s records, and returns a response code.
The Merchant should use the response code from the Issuer to assess the level of risk and determine whether to complete the Charge.
Check with your Processor, Terminal Provider, or if you have a direct link to American Express, your American Express representative to determine the codes that will be returned to your Point of Sale System.
industry: Appropriate for all Card Not Present Charges.
implementation: To implement this tool, work with your Processor, Terminal Provider, or if you have a direct link to American Express, your American Express representative.
9.11.1.5 email address verification
description: The Email Address Verification tool compares email information provided by the customer with that on file with the Issuer.
purpose: The Email Address Verification tool helps Merchants evaluate the validity of a Charge by comparing information provided by the customer at the point of sale with information about the Cardmember not available on the Card.
how it works: The Merchant requests email information from the customer at the point of sale.
The Merchant supplies this information in the Authorization request, through the Merchant’s Point of Sale System. The Issuer compares the information provided by the Merchant with the Cardmember’s records, and returns a response code.
The Merchant should use the response code from the Issuer to assess the level of risk and determine whether to complete the Charge.
Check with your Processor, Terminal Provider, or if you have a direct link to American Express, your American Express representative to determine the codes that will be returned to your Point of Sale System.
industry: Appropriate for all Card Not Present Charges.
implementation: To implement this tool, work with your Processor, Terminal Provider, or if you have a direct link to American Express, your American Express representative.
9.11.2 additional services
In addition to our electronic verification services, we also offer