Preventing disputes and fraud

    Learn how to best protect against disputes and fraudulent payments.

    Disputes are an unfortunate aspect of accepting payments online and the best way to manage them is to prevent them from happening at all. An effective dispute and fraud prevention strategy uses a number of methods that are best suited for your business while keeping any customer burden—and losses—to a minimum.

    Radar, our fraud prevention toolset, is built directly into the payment flow and contains powerful machine learning algorithms. This process detects patterns across payments processed with Stripe, assessing the risk level of each.

    Use the following information to create an effective disputes and fraud prevention strategy. Depending on the service you provide, the goods you sell, or how your business operates, certain methods may be more effective than others.

    Collect as much payment information as possible

    Some disputes are lost because only the minimum information was required during checkout. This makes it difficult (sometimes impossible) for Stripe or the card issuer to verify that the customer is legitimate. For instance, while a billing ZIP code is not always necessary to process a card payment, including it allows it to be verified by the card issuer. If verification fails, you may want to consider rejecting the payment as this may be an indication of fraud.

    Use Checkout, Stripe.js and Elements, or our mobile SDKs to ensure your integration is best equipped to provide relevant payment information, such as:

    • Customer name
    • Customer email address
    • CVC number
    • Full billing address and ZIP code
    • Shipping address (if different from billing address)

    Effective customer communication

    Clear and frequent contact with your customers can help prevent many of the reasons for disputes. By responding to issues and processing refunds or replacement orders quickly, your customers are far less likely to take the time to dispute a payment. Make your customer service contact information prominent and keep customers updated throughout their order process and provide updates to delivery information.

    • In general, you should make your terms of service and policies easy to find on your website, and require customers to agree to them. Rather than simply linking to them during checkout, provide them in full text on the checkout page or as a pop-up with a requirement to agree prior to submitting the order.

    • Card issuers can be very specific about how policies are presented to your customers. If you have a checkbox that your customer must accept which only contains a link, this can often be rejected by the card issuer as unsatisfactory evidence that your customer had been aware of your policies. There must be reasonable evidence that your customer was presented with a full copy of your policies prior to their purchase.

    • When shipping physical goods to customers, use carriers and services that provide online tracking and delivery confirmation whenever possible. Provide this information to your customers as soon as it’s available (if you need to submit tracking information as dispute evidence, note that card issuers do not follow links so screenshots must be provided).

    • Use a recognizable name for your statement descriptor. This can be set or updated in your account settings and we recommend using your website domain or business name. This helps avoid customer confusion when they look at their statement. Statement descriptors are limited to between 5 and 22 characters. They must contain at least 5 letters and cannot use the special characters <, >, \, ', or ".

    • Avoid using the same Stripe account for separate businesses. Each Stripe account should represent a single business, which allows for separate statement descriptors and contact information. If you need to process payments for multiple businesses, you can create additional accounts for each.

    Avoiding fraudulent payments

    A payment is considered fraudulent when the cardholder did not authorize it. Most fraudulent payments are made using stolen cards or card numbers. When a cardholder is notified that the payment has been made or they review their card statement, they contact their card issuer to dispute it.

    Notifying you of suspected fraud

    Stripe’s machine learning system continuously monitors all payments processed by our users. In rare cases, you may receive a notification from Stripe that a payment is suspected of being fraudulent after it has already been processed. This can occur if we have detected further activity on the card which now suggests it’s being used fraudulently, or if we receive an alert from the card network.

    Although we notify you as soon as we become aware of any suspicious activity, it may be several days after a payment has been made. Keep in mind that this is not confirmation that a payment was fraudulent—only that we have reason to believe it is.

    We provide this information to you to ensure that you’re able to make an informed decision and take action where necessary (e.g., contact the customer or place their order on hold). If you have any concerns about the payment after reviewing it, we recommend refunding it immediately. This action immediately refunds it so it cannot then be disputed.

    Next steps

    Now that you have learned about fraud prevention, you may want to learn about common types of fraud indicators, or move on to related subjects:

    If you require assistance with a dispute, please contact Stripe support.

    Was this page helpful?

    Thank you for helping improve Stripe's documentation. If you need help or have any questions, please consider contacting support.

    On this page