Compliance: American Express to Favour EMV
- American Express walks in the footsteps of rival card networks and starts issuing EMV-compliant cards in the US. This considered, its processors, issuers and accepting merchants have to comply with a schedule designed to ease EMV rollout and ensure interoperability nationwide and worldwide: both contact and contactless cards will be concerned. American Express EMV cards should be issued starting S2-2012.
- By April 2013, processors must be able to support American Express EMV chip-based contact, contactless and mobile transactions. By October 2013, merchants displaying 75% EMV transactions will be eligible to receive relief from PCI-DSS reporting requirements.
- Finally, starting October 2015, a Fraud Liability Shift (FLS) will be instituted to pressure the different parties into sticking to their commitments and transfer liability for certain types of fraudulent transactions to the party that has the least secure form of EMV technology. Gas stations have an additional two years to comply with these requirements.
Source: American Express press release
- As Visa, MasterCard and Discover before them, American Express praises EMV compliance on a territory used to supporting mag-stripe cards. Announcements follow one another and in February Visa explained that about ten US financial institutions were already issuing EMV cards (Wells Fargo, JPMorgan Chase, U.S. Bancorp, State Employees Credit Union or United Nations Federal Credit Union for instance); their cumulated portfolio exceeds One million (contact) smart cards (see February 2012 Insight).
- American Express makes no exception and praises rollout phases relatively close to those published by Visa in August 2011 (see August 2011 Insight). However, its liability shift programme plans that the cost of fraud should be transferred to the party with least advanced security measures in place, as does MasterCard’s. Visa, for its part, imposes that merchants have opted, at least for contact EMV terminals, and does not pressure them into preferring one or the other authentication method (signature or PIN). American Express and MasterCard then appear stricter on this point.
See also April and June 2011 as well as March and May 2012 Insights