Account checklist

Although you can begin accepting payments within minutes of signing up for a Stripe account, you should perform the following steps before going live.

The items within this checklist apply whether you have an account through a connected website, use a Stripe plug-in, or have a custom integration (built yourself or through a developer). There are also checklists for taking your integration live (primarily for developers) and ensuring your website conforms to card network standards and best practices.

• Enable two-step authentication

  For security purposes, enable two-step authentication on your Stripe account, which adds an additional requirement to log in. Two-step authentication requires that you log in with both your username and password and a code sent to your mobile device, which makes it it much harder for someone else to access your Stripe account.

  (Two-step authentication is also sometimes called “two-step verification” or “two factor authentication” or “2fa”, all of which refer to the same concept.)

• Confirm your statement descriptor and public information

  The statement descriptor appears on customer statements when you charge their card. Missing or incorrect information can result in confused customers creating disputes, so review your information in the Dashboard. Statement descriptors are limited to between 5 and 22 characters. They must contain at least 5 letters and can’t use the special characters <, >, \, ', or ". You may also want to have text on your site telling the user what they’ll see on their statements.

  Note that the card issuer can automatically include other account information—e.g., business name, address, email, or phone number—to show on your customer’s statements. Check that all of this information in your Stripe account is acceptable for your customers to see.

• Set up your email notifications

  Stripe can automatically send emails for some account activity. At the very least, we recommend receiving emails for successful charges and disputes. (You can choose other notification settings, but these two are the most important.) These settings are specific per team member, so your preferences won’t affect anyone else’s.

• Be prepared to prevent and manage fraud and disputes

  Fraud and disputes are unfortunate realities in all commerce, although Stripe is constantly improving its tools to help reduce both. Still, your diligence is imperative, and before going live we recommend you’re set up to:

  • Regularly review payments in the Dashboard
  • Report charges that appear suspicious (using the Dashboard or the API)
  • Have evidence at the ready for disputes
  • Prevent and mitigate card testing
• Review your bank account information

  Incorrect bank information is a common cause of transfer delays. Before accepting live charges, confirm your bank details are correct.

  If you process charges in multiple currencies and have multiple bank accounts, also confirm you’ve established the correct default currency. Multiple bank accounts for additional currencies are optional as Stripe can convert any payments into your default currency.

  When reviewing your bank information, set your preferred transfer schedule. The recommended and default option is daily—as funds become available—but you can change this to best suit your business and reporting needs.

• Establish Stripe access for your teammates

  Stripe supports a team of people being able to access the same Stripe account. You can even give different team members different permissions corresponding to their roles.

  Use this capability but don’t give others your login credentials. Recommend that all team members use two-step verification on their login as well.

  Remove any team members when they no longer need access to your Stripe account.