Spring 2022 American Express Network Changes and What They Mean for Your Business

There are over half a dozen documents for the April 2022 network changes. You could plow through all of them to understand how changes impact your operations, financial forecasting needs, and technical environment. While we’ll never know your merchant model as well as you do, you can think of us as your farmer’s almanac for growing payment processing success. And if you grow your knowledge, you can cultivate better outcomes. Let’s quickly recap the importance of these changes which we introduced in a previous blog:

• Changes generally fall into one or more of the following categories: authorizations; capture, settlement, or submission; disputes; fees

• Changes are often driven by regulatory changes to protect consumer rights, are released semi-annually, and they often have downstream impacts on reporting, monitoring, and customer experience

• Some changes are mandatory, others are not, though changes that aren’t mandated often result in fees if they aren’t implemented

• Effective dates can change

Many of the upcoming changes are new to American Express processing but align with other card network processing concepts. Read through everything or skip to the sections most relevant to you business using the links below.

Changes to Recurring Billing Processes

American Express announced requirements to address the use of credentials-on-file without direct participation from the cardmember effective October 14, 2022. The changes will add codes and formats needed to process and identify a merchant initiated transaction (MIT) in authorizations and submission and includes important details about cardholder consent and notifications.

(read more)

Authorizations on Refunds and Credits

Other card networks have already worked this crop of changes into their rotation yet many merchants may still be trying to figure out how to handle refunds when they are declined or charged back for no approval code. American Express is not making this mandatory—yet—but it’s likely given how this has grown into fees and chargeback losses where it already applied to Visa and Mastercard.

(read more)

Revised American Express SafeKey Fraud Liability Shift

SafeKey is the American Express version of 3DS and is designed to help reduce fraud. The AESK program shifts the liability of a fraud chargeback to the issuer if the conditions of the program are met.

(read more)

New Error for Mismatched Merchant Category Codes (MCCs)

A new soft error message was announced in the Notification of Specification Changes (NOSC) April 2022 guide. On the surface, this is a pretty minor change and announcement, but it might grow into something you need to watch out for.

(read more)

Expansion of Indirect Acceptance Modules Includes Installment Payment Providers (IPPs)

American Express is expanding their support to include marketplace sellers and installment payment providers, which is big news. They’re adding definitions to their glossaries, expanding submission records to include enhanced data, and modifying chargeback requirements.

(read more)

Reminders About Past Announcements

• SafeKey 1.0 will be deprecated and all users must migrate to 2.0 by October, 2022. This is similar to dates for changes to 3DS for Visa/Mastercard as well, and it’s important to not let this sneak up on you. 

• The inbound fee increased from .060% to 1% on April 1, 2022: this is essentially a cross border fee and applies to charges on cards issued outside of the US and/or Canada, depending on where your business is located

• Data encryption format change: this was previously announced for implementation but has been delayed with no new date provided

Into the Weeds

Changes to Recurring Billing Processes: Details

American Express announced requirements to address the use of credentials-on-file without direct participation from the cardmember effective October 14, 2022. The changes will add codes and formats needed to process and identify a merchant initiated transaction (MIT) in authorizations and submission and includes important details about cardholder consent and notifications. New terminology will also be added to their glossary since this is a new concept for American Express:  

• Cardmember initiated transaction (CIT) - A transaction which involves the direct participation of the cardmember. 

• Credential-on-file - Any cardmember account data, including but not limited to PAN or token, that is stored by merchants. Merchants may store credentials-on-file to initiate merchant initiated transactions and cardmembers may use their credential-on-file to initiate cardholder initiated transactions

• Merchant initiated transaction (MIT) - A transaction based on a prior agreement between cardmember and merchant that is initiated by the merchant without direct participation from the cardmember, through merchant use of account data on file

• Original transaction identifier (O-TID) - A transaction identifier (TID) generated by the AEGN during an authorization request for a cardmember-Initiated transaction which links all subsequent merchant initiated transactions back to the original cardmember initiated transaction. 

Credentials-on-file are a great way to drive loyalty and reduce friction at checkout. When cards are stored, however, they pose a risk. A great way to reassure your customers, obtain required consent to store the card, reduce customer effort, and improve authorization success would be to use Toucan, our network tokenization service and/or Loon, our account updater service. When you ask the customer for consent to store their card, you can use that event to trigger one of these two Pagos services.

• Toucan offers improved security (if you choose to store only the network token value vs. the customer's card) and improves authorization success.   

• If you want to store the customer’s card, subscribe to Loon so when the cardholder's card is replaced, you’ll have a way to keep the card on file up to date!     

Authorizations on Refunds and Credits: Details

Other card networks have already worked this crop of changes into their rotation yet many merchants may still be trying to figure out how to handle refunds when they are declined or charged back for no approval code. American Express is not making this mandatory—yet—but it’s likely given how this has grown into fees and chargeback losses where it already applied to Visa and Mastercard.

The change is expected to ensure that by October 2022 merchants and processors are ready to handle the new authorization message calls. It’s being communicated as a means of improving customer awareness and reducing disputes. The announcement includes changes that will be included in the October Regulations that state “If you choose to support Authorization for Credit, you shall comply with the Authorization requirements as applicable.”

If you already have a process in place to deal with declined refunds on Visa and Mastercard, this should be an easy change to make any time after October or until it’s required. If you are not sure how you are handling things like declines or chargebacks on refunds or credits, this is one more reason to start minding your garden. (We’ll have a blog that digs deeper into this topic.)

Revised American Express SafeKey Fraud Liability Shift: Details

SafeKey is the American Express version of 3DS and is designed to help reduce fraud. The AESK program shifts the liability of a fraud chargeback to the issuer if the conditions of the program are met. The criteria are calculated monthly, based on all charges as determined by American Express. The change is minor but will yield less fraud loss savings and may mean merchants need to prepare a response plan.

Today program eligibility requires either:

• A fraud ratio of less than 1% or 

• Fraud charges of less than U.S. $25,000

After October 14, 2022, the requirements will be to:

• Not exceed a 0.9% fraud ratio and

• Fraud charges of less than USD $25,000 

The change also adds the condition that, if at any time the fraud to sales ratio is exceeded, the merchant must work with American Express to reduce the number of disputed charges coming from their establishment.   

Some cards, such as gift cards, are not eligible for the AESK Program, because they cannot be fully authenticated by the issuer at the time of the charge. These are not included in calculations of your ratio.  

If you want to create alerts and measurements for these programs, you may want to consider adding a perch for these birds! 

• Parrot Batch gives you access to the American Express BIN range and card product types as well as Visa, Mastercard, and Discover. Plus, it allows you to use the data anywhere you need it.

• Peacock provides a consolidated view of all your chargebacks by type, by the network, with count, and amounts.  

• Canary allows you to track when your volume of fraud chargebacks on American Express cards reach thresholds in advance of being notified by American Express. This added time and responsiveness—and the ability to quickly determine if the challenges you’re facing are network-specific or not—will save you time and money. 

New Error for Mismatched Merchant Category Codes (MCCs): Details

A new soft error message was announced in the Notification of Specification Changes (NOSC) April 2022 guide. This code will be returned when the merchant category code value doesn't correlate with authorization. Direct link merchants and third-party processors are expected to be able to receive and process this new value by October 2022. Certification is not required, but this changes potential monitoring opportunities which (as we have seen before) can grow from changes to fees, and from fees to chargebacks.

Expansion of Indirect Acceptance Modules Includes Installment Payment Providers (IPPs): Details

American Express is expanding their support to include marketplace sellers and installment payment providers, which is big news. They’re adding definitions to their glossaries, expanding submission records to include enhanced data, and modifying chargeback requirements.

These fields are mandatory and certification is required. The name value is the Installment payment Providers (IPPs) which are offering the bill now pay later (BNPL) payment option and the end beneficiary. Additional chargeback response criteria for these transactions require a copy of the IPP’s terms and conditions agreed to by the cardmember and details explaining how the cardmember did not comply with the terms and conditions. 

Network Change Documents

We're pitching in to reduce the complexity of payments for businesses with our interpretations of network regulations and changes. However, if you want to get into the weeds, here are some relevant documents to reference and share with your technical teams:

• Notification of Specification Changes (NOSC) Publication Date: April 2022    

• Mandates Publication: April 2022

• Global Codes & Information Guide April 2022

• Global Credit Authorizations Guides (ISO 8583 1993 (version1 ) April 2022

• Global Credit Authorizations Guides XML  April 2022

• Global Financial Submission Guide April 2022

• Merchant Regulations International Aprill 2022

• Merchant Regulations U.S April 2022

Access Note: Log into your American Express merchant account to download these documents. If you don't have a direct merchant account with them, ask your payment service provider for them.

Next Steps

Keep an eye on the Pagos Blog for additional updates on industry changes. Interested in working with Pagos? Check out Pagos.ai or contact us for more information.

We've provided the content in this blog post solely to inform and educate. Pagos doesn't provide legal advice and this content shouldn't be taken as such. You're strongly encouraged to consult with your payments partners and legal teams before implementing any changes based on the content in this post.