American Express - Merchant: In Case Of A Breach

Start of menu

My Account
You are under MyAccount Primary Tab
Card AccountExpand / Collapse
Business AccountsExpand / Collapse
Other AccountsExpand / Collapse
- International Money Transfers for Card Members
Cards
You are under New Cards Primary Tab
Personal CardsExpand / Collapse
Small Business CardsExpand / Collapse
Corporate CardsExpand / Collapse
Gift CardsExpand / Collapse
- View Gift Cards
Travel
You are under Travel Primary Tab
Online TravelExpand / Collapse
Travel ResourcesExpand / Collapse
Business TravelExpand / Collapse
Travel MoneyExpand / Collapse
Insurance
You are under Insurance Primary Tab
All InsuranceExpand / Collapse
- Insurance Homepage
Insure my travelsExpand / Collapse
Insure my pet and possessionsExpand / Collapse
- Pet Insurance
- Gadget Insurance
Insure meExpand / Collapse
Rewards
You are under Rewards Primary Tab
Membership RewardsExpand / Collapse
Other Reward ProgrammesExpand / Collapse
OffersExpand / Collapse
- Cardmember offers
- Refer friends. Get rewarded.
InvitesExpand / Collapse
- Entertainment
Business
You are under Business Primary Tab.
MerchantsExpand / Collapse
CorporationsExpand / Collapse
Small Business CardsExpand / Collapse
Global NetworkExpandir / Colapsar

GET STARTED...

	Data Security Home
	Merchant Information
	Service Provider Information
	PCI Security Requirements
	Frequently Asked Questions
	Watch Data Security Video

Data Security
Standard

Merchant
Levels

Compliance
Requirements

In Case Of
A Breach

Duty to Notify American Express
As a Merchant, if you know or suspect that Cardmember information has been accessed or used without authorisation you must, as detailed fully in the Data Security Operating Policy:

Notify American Express immediately
Work with American Express and auditors to conduct a thorough audit of the incident
Provide any and all information, and follow all instructions provided by American Express with regard to the incident

If you believe that Cardmember information has been compromised, contact your Client Manager or call our Customer Services Team on
01273 675 533. You may also notify the American Express Enterprise Incident Response Program (EIRP) by filling out the Initial Notice Form
and sending it via email to EIRP@aexp.com.

You can avoid additional costs from a data incident:

By notifying American Express immediately if you know or suspect your data has been compromised
By ensuring that you are in full compliance with the American Express Data Security Operating Policy
If the data incident was not caused by the wrongful conduct of you or one of your employees or agents