Blog

Follow Stripe on Twitter

Kicking off Stripe’s private beta in India

Anand Balaji on December 12, 2017

Today, we’re starting an invite-only beta for Stripe in India with a small group of companies. These businesses will help us test our platform in the Indian market and provide feedback on features that we’ll need to build to support all Indian businesses looking to accept online payments and run their companies on Stripe.

Supporting Indian entrepreneurs is critical to our mission of expanding the GDP of the internet. Now more than ever, India is uniquely positioned to move more commerce online: In just the past two years, the percentage of India’s population connected to the internet has more than doubled to 500 million users. And in 2016, India saw more than twice the number of new businesses start as the United States.

With Stripe Atlas, we’ve already been able to help some Indian entrepreneurs build and scale global companies. However, we believe that by operating locally in India—with the ability for Indian companies to connect their local bank accounts to Stripe and get paid out in rupees—we can help support even more businesses and more types of business models (such as local marketplaces) in the years to come.

We’re thrilled to bring the Stripe platform to India and build new products specifically for Indian businesses. (If you’re excited by this challenge, join our engineering team to help us accelerate our progress!)

We’ll slowly add more users to the beta in the next few months to test specific functionality. If you’re interested, you can sign up to stay updated!

December 12, 2017

Improving reviews in Radar

Matt DuVall on November 29, 2017

When we launched Stripe Radar to help you prevent payment fraud, we built in the ability to manually review suspicious payments. Suspicious payments are flagged for review either by Radar’s machine learning systems or when they trigger a custom rule set by your business.

Since fraud generally increases during the holiday season, we’re launching several new features today to provide more signals and contextual data to improve the review flow:

Use behavioral patterns to identify fraud

Radar’s machine learning systems use hundreds of signals and heuristics to determine whether a payment might be fraudulent. When manually reviewing suspicious payments, we’ve found that behavioral signals provide useful data, so we’re adding some of these signals to the review page.

When reviewing payments, you’ll now see the operating system and device type used to make the purchase, the number of pages viewed before a purchase, and the purchase session duration. (Fraudulent purchases will often have suspiciously quick session lengths compared to a typical session for your business.)

Additionally, to help you quickly identify discrepancies, we now also display the distance between the location of the IP address used to make the purchase and the address associated with the credit card.

See related payments when reviewing charges

A particularly useful fraud detection mechanism is to cross-reference related payments, so you’ll now see related payments inline when reviewing a charge. Stripe’s machine learning systems already look for anomalies and suspicious patterns across billions of dollars of payments data. We’re now augmenting this by directly surfacing related payments made on your account for additional human analysis.

Radar will automatically surface payments that share the same IP address, card, or customer as the payment you are currently reviewing. This should help catch common fraud patterns such as naive card testing (where many different cards would share a single IP address) or trial abuse (where many “customers” would share the same card):

These data points reveal fraud patterns that might be otherwise tricky to detect. Is the user purchasing goods on a device that is nowhere near the billing address? Did they view only one page before making a $2500 purchase?

During our beta for these features, the team at Watsi (a healthcare nonprofit) reported that it took significantly less time to review payments than before and that it was easier to accurately identify fraudulent donations.

If you’re interested in getting started or want to learn more about how to enable these signals for your business, check out our integration guide and best practices. To take full advantage of the functionality, you just need to include Stripe.js across your site (not just the checkout page) and pass relevant customer information—like name, email address, and billing and shipping addresses—to Stripe using the customer object. We’ll then automatically handle the rest.

We hope this update is useful for your business during the upcoming holiday season. If you have any questions or feedback, please let us know!

November 29, 2017

Issue stock to founders using Stripe Atlas

Alex Kehayias on October 31, 2017

Today, we’re launching a tool that helps Stripe Atlas companies issue stock to founders, as well as a few more features to help after incorporation.

Since launching Stripe Atlas, we’ve worked with thousands of founders who are building everything from a behavioral therapist chatbot to a search engine for enterprises. We’ve repeatedly heard from them that the challenges of starting a business hardly end with incorporation—there are often many complexities to navigate around the company’s legal and financial infrastructure as well:

Issuing stock to founders

Stripe Atlas companies can now issue stock to their founding team for free. Companies can generate, review, sign, and store a full set of stock issuance documents using Atlas. These documents feature terms that are standard among many tech startups and top investors, such as four year vesting with a one year cliff. They’re generated from templates prepared by Orrick, a leading law firm for technology companies.

Issuing stock is often a vital part of starting a company and tricky to get right. (Unfortunately, it’s not uncommon for startups to spend thousands of dollars on legal bills figuring this out, or potentially tens of thousands to correct mistakes after the fact.) Properly issued stock establishes founders’ stake in the long term success of the company, can protect the company’s intellectual property, and defines what happens if any of the founders leave. Future investors and employees will also look for industry-standard equity terms when deciding to work with you.

We built our stock issuance tool to make the process much simpler to navigate. Here’s how it works:

To help you navigate this important process, we’ve also published a new Stripe Atlas guide with help from experts at Orrick to provide many more details and background around allocating stock.

A checklist for next steps after incorporation

Getting the details right at the time of incorporation helps avoid painful fixes down the road. Based on feedback from Stripe Atlas companies, we’re launching a personalized checklist in the Dashboard of the most important tasks you should consider after incorporating, such as hiring an accountant or registering your business locally. We’re working to automate as many of these tasks as possible. To start, we’re adding a tool to renew a registered agent—a legally-required bit of busywork for companies incorporated in Delaware—with a single click.

We hope these new tools are helpful to founders! If you have any feedback or questions about Stripe Atlas, please let us know—we’re excited to help companies around the world get started and grow their businesses.

The best way to start an internet business. Join Stripe Atlas

October 31, 2017

Schedule queries in Stripe Sigma

Mikito Takada on October 18, 2017

Stripe Sigma helps you analyze your Stripe data with industry-standard SQL, making it easier to get powerful real-time insights into your business data. Today, we’re adding a couple more useful features in response to requests we’ve heard.

Scheduled queries

First, we’re adding scheduled queries. With scheduled queries, you can now turn any Sigma query into a daily, weekly, or monthly report. We’ll automatically run any Sigma query you choose and email you the results. (And, as with other Stripe events, scheduled queries will automatically fire a webhook in case you’d like to take programmatic action.)

You can set up scheduled queries to automatically share results with specific team members on your Stripe account. For example, you can send:

  • A list of high-value signups to a sales manager.
  • Monthly balance reports to your accounting team.
  • A report of subscriptions expiring in the next week to your account management team.

You can set up a schedule for an existing query or write a new one.

Declines analysis

Second, you can now write queries in Sigma to analyze declines using detailed data about whether a charge succeeded or failed and why. If you use Stripe Radar, risk scores and rule data are also available to query. We’ve added a few new example templates to Sigma to help. For example, you might use this feature to find why credit cards are getting declined:

Month Outcome reason Issuer decline count
2017-09 do_not_honor 2
2017-09 insufficient_funds 9
2017-08 transaction_not_allowed 1
2017-08 generic_decline 3

We hope these features make Sigma more useful for you. If you have any feedback or questions, let us know!

Start a free trial of Stripe Sigma for your business. Request access

October 18, 2017

New security features for your Stripe account

Aaron Forsander on September 13, 2017

Today, we’re launching two additional features to improve the security of your Stripe account: an option to use hardware tokens for two-step authentication and the ability to create API keys with restricted access and granular permissions.

Two-step authentication with hardware tokens

We first introduced two-step authentication for Stripe accounts back in 2012. Now, in addition to SMS or using Google Authenticator, you can also register a physical security key to approve logins to your Stripe account. We support any device using the Universal 2nd Factor (U2F) standard hosted by the FIDO Alliance. You can read more about the devices and browsers we support; of note, a single hardware key can be registered for two-step authentication with multiple services like AWS, Google, GitHub, and more.

We recommend using a hardware key to protect your Stripe account because they are designed to be resistant to phishing attacks. A U2F key requires physical access to the hardware device, not just access to your password. Unlike two-step authentication that uses SMS or Google Authenticator, you can’t be tricked into entering a pin on the wrong website. In addition, tapping the device is faster than waiting for an SMS code and typing it in.

When you’re ready, you can register a device from your Dashboard settings. Note that you’ll need to enable at least one other two-step authentication method as a backup option before you can add your security key.

Restricted access API keys

We’ve added the ability for businesses to generate multiple API keys, allowing developers to safely grant programmatic access to Stripe accounts while precisely defining the scope of each API key; these keys can also be revoked at any time.

We’ve heard from many of our users—from startups to public companies—that their engineering teams increasingly rely on multiple microservices to interact with and use Stripe’s API. You can now restrict each of these services to the minimum required set of permissions to reduce risk. For example, a data analytics service may be allowed to only read charges on a Stripe account, or the backend for customer support software may be able to exclusively issue refunds, but not alter customer information. Businesses can also use this feature to define restricted access and safely share data when working with third-party partners.

You can generate an API key with restricted access from the Dashboard today. We’re also beta testing the ability to generate these keys programmatically via the API. If you’re interested in this feature, please get in touch.

We hope these features help your business keep your Stripe account safe. You can also check out our security guide to learn about more ways to keep your Stripe integration secure.

September 13, 2017

Supporting Hypothesis

Sam Ritchie on September 1, 2017

In September, Stripe is supporting the development of Hypothesis, an open-source testing library for Python created by David MacIver. Hypothesis is the only project we’ve found that provides effective tooling for testing code for machine learning, a domain in which testing and correctness are notoriously difficult.

Instead of unit tests, Hypothesis lets you define certain properties of your functions that should hold true for every input. A property is a statement like “My sorting function should return a sorted list given any input list.” Every time the tests run, Hypothesis attempts to prove your properties wrong by feeding in thousands of automatically generated example inputs. If any of your properties break, Hypothesis returns the smallest possible example of failing input.

Here’s an example of a Hypothesis test:

from hypothesis import given
import hypothesis.strategies as st

@given(st.lists(st.integers()))
def test_reversing_twice_gives_same_list(xs):
    # This will generate lists of arbitrary length (usually between
    # 0 and 100 elements) whose elements are integers.
    ys = list(xs)
    ys.reverse()
    ys.reverse()
    assert xs == ys

This style of testing is a perfect match for machine learning workflows. We use machine learning to make products like Radar, which helps hundreds of thousands of Stripe users fight fraud at a global scale, more effective. Testing machine learning code is especially critical when your systems can have material consequences for users. Every day, we train many models on large datasets, but unit tests alone can’t capture all of the complexity of the possible input data. For the past few months we’ve been using Hypothesis to generate input data for our tests of the models behind Radar.

While working with Hypothesis, we found that support for property-based testing with Pandas and NumPy wasn’t built out. We’re excited to support the project in making concrete progress towards integrating with these two foundational, commonly-used libraries in Python’s ML toolkit.

We plan to use Hypothesis more broadly at Stripe and hope that the project’s development over the next few months also helps other companies reliably integrate machine learning into more products.

At Stripe, we regularly contribute to open-source projects and rely on open-source software for developing many different parts of our stack. We have a particularly strong interest in areas where the right tooling can provide outsized leverage to the larger developer community. If you’re working on such a project, we’d love to hear from you!

September 1, 2017

Kia ora, New Zealand!

Mac Wang on August 22, 2017

Today we’re officially launching Stripe in New Zealand!

Businesses in New Zealand can now sign up instantly and start accepting payments in minutes with 135+ currencies from customers around the world. From Connect and Subscriptions to Radar and Sigma, New Zealand businesses can now use the full Stripe stack to start and scale global companies.

Thousands of companies gave us feedback and helped shape our product for New Zealand. During our preview, we’ve worked with some of the region’s fastest-growing businesses: Xero uses Stripe to let any of their million users accept credit cards for their invoices—one of the first accounting platforms to do so. Mobi2Go, a software-as-a-service platform for restaurants across the world, uses Stripe to allow restaurants to accept payments from their customers with Apple Pay and cards in local currencies.

And we would love to meet more entrepreneurs and businesses in New Zealand! We’re holding Office Hours this week across four technology hubs in Auckland and Wellington. If you’re considering Stripe, have any questions, or just want to meet other entrepreneurs, we hope to see you there.

We can’t wait to see what Kiwi companies build with Stripe!

Stripe Office Hours
Wed 23
CreativeHQ Wellington 10:00am–12:00pm
Icehouse Auckland 11:00am–1:00pm
BizDojo Wellington 2:00pm–4:00pm
BizDojo Auckland 2:00pm–4:00pm

August 22, 2017