American Express, long one of the savviest financial marketers, recently updated the look of its routine "payment received" email confirmation.
But the "Dear Cardmember" salutation is a mistake.
With all the hysteria about phishing and email fraud, the opening should be personalized, both to differentiate itself from SPAM and to insulate cardmembers (and itself) from phishing attacks. This is especially important in a communication which includes a built-in login button, an inviting target for phishers.
American Express does provide several unique identifiers: the last 5 digits of the card number, the payment date, and payment amount. But those aren’t instantly recognizable to all cardmembers. The combination of account name and the last few digits is much more effective (see Citibank article).
A for look & feel
A- for cross sales (two offers might be a bit much)
A for self-service with five links to popular online card management functions
B- for security (last 5 digits included, but no cardholder name, no mention of how to verify the authenticity)
If you’d like to learn more about the bank and financial services email trends, check out Email Marketing in Financial Services: Leveraging the Inbox from our sister publication, the Online Banking Report.