Start of menu
Close Menu

American Express has a long-standing commitment to protecting Cardmember information.

After all, compromised data has a negative impact on everyone - consumers, Merchants and card issuers – and even one incident can severely damage a company's reputation and impair its ability to conduct business effectively.

If you are already a Merchant, please login to our existing Merchant website to view our comprehensive data security content under the Support and Services section. Click here to login.

Our role in Data Security

Cardmembers rely on American Express for the highest level of service and protection. This is why we developed the Data Security Operating Policy and work alongside Merchants and Service Providers to help establish security programmes that are up to the job.

American Express is a founding member of the PCI Security Standards Council. The Council is designed to manage the ongoing evolution of the PCI Data Security Standard and to foster its adoption in the payment card industry. Through our participation in the Council, American Express continues our commitment to pursue all aspects of data security with diligence.

Your role in Data Security

Merchants have an important role to play in protecting Cardmember information. In agreeing to accept the American Express ® Card, you have agreed to the terms of our Card Acceptance Agreement. This contains the Data Security Operating Policy, which requires compliance with the PCI DSS.

View the American Express Data Security Film to learn more about the American Express Data Security Operating Policy.

View the Data Security Operating Policy for Merchants here.
View the Data Security Operating Policy for Service Providers here .

To learn more about PCI DSS visit the PCI Security Standards Council’s website and view the
Payment Card Industry Data Security Standard.

In case of breach

Data Incident Management Obligations.

Merchants and Service Providers must notify American Express immediately.

If you believe that Cardmember information has been compromised, notify the American Express Enterprise Incident Response Program (EIRP) by filling out the Initial Notice Form and sending it via email to

Ready to accept
American Express?

Simply complete our short enquiry form, and we'll be in touch soon.

Need to know more?

Contact our Merchant Services Hotline now.