Sign in
An image of the Stripe logo
Create account
Sign in
Home
Payments
Business operations
Financial services
Developer tools
No-code
All products
Home
Payments
Business operations
Home
Payments
Business operations
Financial services
Developer tools
Support
Overview
Fraud detection
    Overview
    Risk evaluation
    Risk settings
    Reviews
    Lists
    Rules
      Reference
    Radar Session
    Testing
    Integration
    Disputes and fraud
    Analytics
Stripe data
Financial reports
Payment authentication reports
Revenue recognition
Startup incorporation
Climate
Identity
Tax
Financial Connections
Account
Dashboard
Radar
·
HomeBusiness operationsFraud detectionRules

Rules reference

Learn more about the structure of rules and the order in which Radar processes them.

Using rules with Connect

If you’re a Connect platform, any rules you create only apply to payments created on the platform account. Payments created directly on the Connected account are subject to that account’s rules.

Before creating a rule, you need to understand how they’re processed and what payment attributes you can use to set evaluation criteria. The Stripe machine-learning fraud systems can block many fraudulent payments for you, but you can also set up rules that are unique to your business using the payment attributes.

Rule processing and ordering

The action a rule takes determines the order in which it’s processed. Radar evaluates each payment against the rules you create and rules have the following order of priority:

  1. Request 3DS: Rules that when used with the Payment Intents API or Checkout, request 3D Secure authentication. Radar evaluates these before any block, review or allow rules.
  2. Allow: Rules that allow a payment to be processed. Payments that fall under allow rules aren’t evaluated against any block or review rules.
  3. Block: Rules that block a payment and reject it. Blocked payments aren’t evaluated against any review rules.
  4. Review: Rules that allow payments to be processed but then place them in review.

If a payment matches the criteria for a rule, Radar takes the appropriate action and the payment isn’t evaluated any further. If a payment matches an allow rule, it’s processed normally–no block or review rules are subsequently evaluated, even if the payment would also meet their criteria. An example set of rules might be as follows:

  • Allow payments less than $10
  • Allow payments made within the US and with a risk level of normal
  • Block payments where the risk level is high
  • Block payments greater than $1,000
  • Review payments made with a card issued outside the US

Using the rules above, all payments less than 10 USD would be processed, regardless of their risk level or where the card was issued. This is because the first rule allows the payment, so no further rules are evaluated. Similarly, a 1,500 payment USD made within the US with a normal risk level would also be allowed, despite the rule to block payments over 1,000 USD. This is because of the second rule in the list, allowing payments made within the US and a normal risk level. When a particular rule is triggered, no further rules are evaluated.

Rule structure

The rule structure has two components—the action it should take and the condition to evaluate:

{action} if {condition}

In practice, a rule to block all payments over 1,000 USD would appear as:

Block if :amount_in_usd: > 1000.00

  • The action is Block
  • The condition is :amount_in_usd: > 1000.00

Actions

A rule can perform one of four actions with a payment that meets its criteria, processed in this specific order.

Request 3DS

When used with the Payment Intents API, this rule determines if the customer must follow prompts to go through 3D Secure authentication. Regardless of matches on this rule, Allow, Block, and Review rules are evaluated after it.

Allow

This rule determines when to always allow a payment that meets certain criteria, regardless of Stripe’s evaluation or any other matching rules. When a payment matches the criteria in an allow rule, Stripe processes it normally and it’s not subject to further rules evaluation. Even if Stripe proceeds with a payment, the card issuer may still decline it.

Block

Block rules specify that Stripe should always block a payment. If a payment matches the criteria in a block rule, Stripe rejects it and it’s not subject to further rules evaluation.

Review

You might want to allow certain types of payments but also have the option to examine them more closely. With review rules, you can place payments in review. This is especially useful for payments that don’t fit common patterns, such as larger payments or payments from a country that you don’t often ship to. Stripe still processes these payments and charges the customer, but you have an additional opportunity to review the order and check for signs of fraud.

Conditions

If a payment matches a rule’s condition, the corresponding action is taken. A basic condition is, itself, made up of three parts:

[attribute] [operator] [value]

  • Attribute: The attribute of a payment (for example, the amount or type of card)
  • Operator: The arithmetic that compares the attribute to the value (for example, greater than or not equal to)
  • Value: The criteria you want to use (for example, 100.00 or debit)

Combining both the action and condition together, the structure of a rule is:

{action} if {[attribute] [operator] [value]}

Four types of conditions exist, depending on the attribute type:

  • [string_attribute] [operator] [string_value]
  • [country_attribute] [operator] [country_value]
  • [numeric_attribute] [operator] [numeric_value]
  • [boolean_attribute]

You can also use certain attributes as a corresponding value within a condition. For instance, you can create a rule to block payments where the issuing country of the card doesn’t match with the country where the payment was made, using the following attribute and value:

Block if :card_country: != :ip_country:

String attributes

These contain any combination of characters. String attributes and values most commonly represent a piece of text, such as a card’s brand (for example, visa, amex) or risk level (for example, elevated). You can use these in rules to allow payments only from a particular country, or block payments made with prepaid cards.

Metadata attributes

These attributes are derived from the metadata you’ve attached to your payments. Metadata attributes can operate as either strings or numbers. When used as strings, metadata attributes are case-sensitive.

You can use these attributes when creating Stripe Radar rules, enabling you to write rules against any custom business attributes you have passed to Stripe in the metadata field attached to your payments.

Metadata attributes are written in the following structure:

::[metadata attribute name]:: [operator] [metadata_value]

For example, suppose we have payments with the following key-value data stored in the metadata field:

Metadata NameMetadata Value
Customer Age22
Item ID5A381D
Category IDgroceries

You can write a rule to place payments that match the following criteria into review.

Review if ::Customer Age:: < 30

You can also write rules using both metadata attributes and other supported attributes mentioned in this document. For example, you can write a rule that only places a payment in review if the Item ID matches 5A381D and the payment amount exceeds 1,000 USD.

Review if ::Item ID:: = '5A381D' and :amount_in_usd: > 1000

Metadata attributes also support the IN operator to match against multiple values. For example, you can write a rule that places a payment in review if the Category ID is one of groceries, electronics, or clothing.

Review if ::Category ID:: IN ('groceries', 'electronics', 'clothing')

You can use the INCLUDES operator with rules for metadata attributes and other string attributes to match substrings. For example, you can write a rule that places a payment in review if the Item ID includes the string A381. This matches A381, 5A381D, A381D, 5A381, and more.

Review if ::Item ID:: INCLUDES 'A381'

Metadata attributes are case-sensitive when used as strings. Make sure that metadata values you specify in rules are exactly the same as the ones attached to your payments.

Metadata on Customer and Destination Objects

You can also access metadata on customer and destination objects (if those are used for a given payment). These attributes use the following structure:

::[customer|destination]:[metadata attribute name]:: [operator] [metadata_value]

For example, suppose you had a customer with the following metadata:

Metadata NameMetadata Value
Trustedtrue

You could write a rule that always allows payments if the customer’s Trusted metadata field is true.

Allow if ::customer:Trusted:: = 'true'

Or if you had a destination with the following metadata:

Metadata NameMetadata Value
Categorynew

You could write a rule that places a payment in review if the destination’s Category metadata field is new.

Review if ::destination:Category:: = 'new'

Country attributes

These use two-letter country codes to represent a country, such as US for United States, GB for Great Britain, or AR for Argentina. Country attributes operate the same as string attributes, the only difference being that the value must be a country code.

State attributes

These use ISO codes to represent the state or principal subdivision of a country, such as CA to represent California of the United States, ENG to represent England which is part of Great Britain, or L to represent La Pampa which is part of Argentina. We omit the two-letter country code from the state ISO code, so if you want to block transactions from California, your rule would compare the state attribute to CA.

Block if :ip_state: = 'CA'

State attributes operate the same as string attributes, the only difference being that the value must be an ISO code.

Numeric attributes

As these contain only numbers, they support more operators than string attributes and values. A payment’s amount is one example of a numeric attribute. You can create a rule to perform an action if the amount is higher, lower, equal, or not equal to the amount you specify.

For numeric attributes that are counts over time windows, the count excludes the payment that you’re currently processing. For example, total_charges_per_customer_hourly represents the number of previous charge attempts from a given customer in the preceding hour. So, for the first charge attempt in a given hour for a customer, total_charges_per_customer_hourly has a value of 0. For a second charge attempt within the same hour, it has a value of 1, and so on.

Time-since-first-seen attributes also don’t take into account the payment you’re currently processing. For example, a payment without an email has a missing value for seconds_since_email_first_seen. So do payments with emails never seen before on your account (since we don’t include the payment currently being processed, this is effectively the same behavior as the first example). See below for more details about missing values. The seconds_since_email_first_seen field is only non-null after a new payment with a given email is processed.

Bounded numeric attributes

Bounded numeric attributes are similar to the numeric attributes described above. For example, they exclude the payment that you’re currently processing. The difference is that the available values for bounded numeric attributes are capped (or bounded) at a specific value.

As an example, take authorized_charges_per_email_hourly which represents the number of previous charges that were authorized for the email in the past hour on your account. For the sake of the example, let’s say it has a bound of 5. For the first charge attempt in the past hour with the email jenny.rosen@example.com the counter has a value of 0. Subsequent charge attempts in the same hour see higher counter values. After authorizing the 6th charge within the hour from jenny.rosen@example.com, the counter stops incrementing and stays at 5 despite actually having 6 charge attempts in the past hour.

If an attempt to increment the counter above the cap occurs, we exclude older values from consideration and replace them with newer values. For example, consider a counter with a cap of 3 that’s been filled up with 3 charges. One way to visualize the counter is by maintaining a list of timestamps representing arrival times of charges: [10, 20, 30] for instance. When a charge arrives at time 50, the counter now looks like [20, 30, 50].

Boolean attributes

A Boolean attribute represents whether a particular attribute is true. Unlike string and numeric attributes, Boolean attributes have no operators or values. You can use a Boolean attribute to block payments that have been made with a disposable email address, or place payments in review that were made with an anonymous IP address.

Post-authorization attributes

A post-authorization attribute (for example, :cvc_check:, :address_zip_check:, or :address_line1_check:) requires Stripe to exchange data with card issuers as part of the authorization process. The card issuer verifies this data against the information they have on file for the cardholder and checks for a match. Rules that use post-authorization attributes execute after rules that don’t use post-authorization attributes. (This won’t affect whether a charge is blocked or not, but may impact which rule blocks the charge.)

If you use a post-authorization attribute in a rule, your customer’s statement may temporarily show an authorization even if the charge is ultimately blocked—the authorization generally disappears after a few days.

Address and CVC attributes have five possible values:

Attribute valueExplanation
passThe data provided is correct.
failThe data provided is incorrect.
unavailableThe customer’s card issuer won’t check the data provided. Not all card issuers or countries support address verification.
uncheckedThe data was provided but hasn’t been checked yet. The customer’s card issuer will eventually check the data provided.
not_providedThe data wasn’t provided to Stripe.

Some example rules:

  • Block if :address_line1_check: = 'fail'
  • Block if :cvc_check: != 'pass'
  • Block if :address_zip_check: in ('fail', 'not_provided')

Supported attributes

The payment attributes listed below are supported in rule definitions.

AttributeType Description
address_line1_checkCase Sensitive StringA check by the card issuer to match the first line of the provided billing address (typically a street name and number) against the information they have on file for the cardholder. The supported values are: pass, fail, unavailable, unchecked, not_provided. (This is a post-authorization attribute.)
address_zip_checkCase Sensitive StringA check by the card issuer to match the provided postal code against the information they have on file for the cardholder. The supported values are: pass, fail, unavailable, unchecked, not_provided. (This is a post-authorization attribute.)
amount_in_xyzNumericThe amount of the payment, converted to the currency specified by xyz (for example, amount_in_usd). Specify one of the following supported currencies and Stripe automatically calculates a converted amount to use: aed, ars, aud, brl, cad, chf, clp, cop, czk, dkk, eur, gbp, hkd, huf, idr, ils, inr, jpy, khr, krw, mxn, myr, nok, nzd, php, pln, ron, rub, sek, sgd, thb, try, twd, or usd. For decimal currencies (for example, usd), rules use the base currency unit rather than sub units (for example, dollars, not cents)
authorized_charges_per_billing_address_all_timeBounded numeric (≤25)The number of charges that resulted in a successful authorization on this billing address on your account. Takes into account payments from 2020 onwards.
authorized_charges_per_billing_address_weeklyBounded numeric (≤25)The number of charges that resulted in a successful authorization on this billing address in the past week on your account.
authorized_charges_per_billing_address_dailyBounded numeric (≤25)The number of charges that resulted in a successful authorization on this billing address in the past day on your account.
authorized_charges_per_billing_address_hourlyBounded numeric (≤25)The number of charges that resulted in a successful authorization on this billing address in the past hour on your account.
authorized_charges_per_card_number_all_timeBounded numeric (≤25)The number of charges that resulted in a successful authorization on this card on your account. Takes into account payments from 2020 onwards.
authorized_charges_per_card_number_weeklyBounded numeric (≤25)The number of charges that resulted in a successful authorization on this card in the past week on your account.
authorized_charges_per_card_number_dailyBounded numeric (≤25)The number of charges that resulted in a successful authorization on this card in the past day on your account.
authorized_charges_per_card_number_hourlyBounded numeric (≤25)The number of charges that resulted in a successful authorization on this card in the past hour on your account.
authorized_charges_per_customer_all_timeBounded numeric (≤25)The number of charges that resulted in a successful authorization from this Customer object on your account. Takes into account payments from 2020 onwards.
authorized_charges_per_customer_weeklyBounded numeric (≤25)The number of charges that resulted in a successful authorization from this Customer object in the past week on your account.
authorized_charges_per_customer_dailyBounded numeric (≤25)The number of charges that resulted in a successful authorization from this Customer object in the past day on your account.
authorized_charges_per_customer_hourlyBounded numeric (≤25)The number of charges that resulted in a successful authorization from this Customer object in the past hour on your account.
authorized_charges_per_email_all_timeBounded numeric (≤25)The number of charges that resulted in a successful authorization from this email on your account. Takes into account payments from 2020 onwards.
authorized_charges_per_email_weeklyBounded numeric (≤25)The number of charges that resulted in a successful authorization from this email in the past week on your account.
authorized_charges_per_email_dailyBounded numeric (≤25)The number of charges that resulted in a successful authorization from this email in the past day on your account.
authorized_charges_per_email_hourlyBounded numeric (≤25)The number of charges that resulted in a successful authorization from this email in the past hour on your account.
authorized_charges_per_shipping_address_all_timeBounded numeric (≤25)The number of charges that resulted in a successful authorization on this shipping address on your account. Takes into account payments from 2020 onwards.
authorized_charges_per_shipping_address_weeklyBounded numeric (≤25)The number of charges that resulted in a successful authorization on this shipping address in the past week on your account.
authorized_charges_per_shipping_address_dailyBounded numeric (≤25)The number of charges that resulted in a successful authorization on this shipping address in the past day on your account.
authorized_charges_per_shipping_address_hourlyBounded numeric (≤25)The number of charges that resulted in a successful authorization on this shipping address in the past hour on your account.
authorized_charges_per_ip_address_all_timeBounded numeric (≤25)The number of charges that resulted in a successful authorization from this IP address on your account. Takes into account payments from 2020 onwards.
authorized_charges_per_ip_address_weeklyBounded numeric (≤25)The number of charges that resulted in a successful authorization from this IP address in the past week on your account.
authorized_charges_per_ip_address_dailyBounded numeric (≤25)The number of charges that resulted in a successful authorization from this IP address in the past day on your account.
authorized_charges_per_ip_address_hourlyBounded numeric (≤25)The number of charges that resulted in a successful authorization from this IP address in the past hour on your account.
average_usd_amount_attempted_on_card_all_timeNumericThe average amount (in USD) of attempted transactions for the card on your account. Takes into account payments from 2020 onwards.
average_usd_amount_attempted_on_customer_all_timeNumericThe average amount (in USD) of attempted transactions for this Customer object on your account. Takes into account payments from 2020 onwards.
average_usd_amount_successful_on_card_all_timeNumericThe average amount (in USD) of transactions that resulted in an authorization for the card on your account. Takes into account payments from 2020 onwards.
average_usd_amount_successful_on_customer_all_timeNumericThe average amount (in USD) of transactions that resulted in an authorization for this Customer object on your account. Takes into account payments from 2020 onwards.
billing_addressCase Insensitive StringThe full provided cardholder billing address.
billing_address_line1Case Insensitive StringThe first line of the provided cardholder billing address (typically a street name and number).
billing_address_line2Case Insensitive StringThe second line of the provided cardholder billing address (typically an apartment or unit number).
billing_address_postal_codeCase Insensitive StringThe postal code (ZIP) of the provided cardholder billing address.
billing_address_cityCase Insensitive StringThe city of the provided cardholder billing address.
billing_address_stateCase Insensitive StringThe state of the provided cardholder billing address.
billing_address_countryCase Insensitive CountryThe two-letter code corresponding to the country of the provided cardholder billing address (for example, US).
blocked_charges_per_billing_address_all_timeBounded numeric (≤25)The number of charges blocked on this billing address on your account. Takes into account payments from 2020 onwards.
blocked_charges_per_billing_address_weeklyBounded numeric (≤25)The number of charges blocked on this billing address in the past week on your account.
blocked_charges_per_billing_address_dailyBounded numeric (≤25)The number of charges blocked on this billing address in the past day on your account.
blocked_charges_per_billing_address_hourlyBounded numeric (≤25)The number of charges blocked on this billing address in the past hour on your account.
blocked_charges_per_card_number_all_timeBounded numeric (≤25)The number of charges blocked on this card on your account. Takes into account payments from 2020 onwards.
blocked_charges_per_card_number_weeklyBounded numeric (≤25)The number of charges blocked on this card in the past week on your account.
blocked_charges_per_card_number_dailyBounded numeric (≤25)The number of charges blocked on this card in the past day on your account.
blocked_charges_per_card_number_hourlyBounded numeric (≤25)The number of charges blocked on this card in the past hour on your account.
blocked_charges_per_customer_all_timeBounded numeric (≤25)The number of charges blocked from this Customer object on your account. Takes into account payments from 2020 onwards.
blocked_charges_per_customer_weeklyBounded numeric (≤25)The number of charges blocked from this Customer object in the past week on your account.
blocked_charges_per_customer_dailyBounded numeric (≤25)The number of charges blocked from this Customer object in the past day on your account.
blocked_charges_per_customer_hourlyBounded numeric (≤25)The number of charges blocked from this Customer object in the past hour on your account.
blocked_charges_per_email_all_timeBounded numeric (≤25)The number of charges blocked from this email on your account. Takes into account payments from 2020 onwards.
blocked_charges_per_email_weeklyBounded numeric (≤25)The number of charges blocked from this email in the past week on your account.
blocked_charges_per_email_dailyBounded numeric (≤25)The number of charges blocked from this email in the past day on your account.
blocked_charges_per_email_hourlyBounded numeric (≤25)The number of charges blocked from this email in the past hour on your account.
blocked_charges_per_shipping_address_all_timeBounded numeric (≤25)The number of charges blocked on this shipping address on your account. Takes into account payments from 2020 onwards.
blocked_charges_per_shipping_address_weeklyBounded numeric (≤25)The number of charges blocked on this shipping address in the past week on your account.
blocked_charges_per_shipping_address_dailyBounded numeric (≤25)The number of charges blocked on this shipping address in the past day on your account.
blocked_charges_per_shipping_address_hourlyBounded numeric (≤25)The number of charges blocked on this shipping address in the past hour on your account.
blocked_charges_per_ip_address_all_timeBounded numeric (≤25)The number of charges blocked on this IP address on your account. Takes into account payments from 2020 onwards.
blocked_charges_per_ip_address_weeklyBounded numeric (≤25)The number of charges blocked on this IP address in the past week on your account.
blocked_charges_per_ip_address_dailyBounded numeric (≤25)The number of charges blocked on this IP address in the past day on your account.
blocked_charges_per_ip_address_hourlyBounded numeric (≤25)The number of charges blocked on this IP address in the past hour on your account.
browserCase Insensitive StringThe customer’s browser name and version.
cardholder_nameCase Insensitive StringThe provided name with a purchaser’s card information. While this is not case sensitive, it is punctuation sensitive. This attribute should only be used to block names or name patterns of individuals who you have reason to believe have previously committed fraud on your service. We recommend that your customer service teams are prepared to respond to any resulting customer complaints and/or add legitimate end-customers to an “allowlist” where appropriate.
card_binCase Insensitive StringThe Bank Identification Number (BIN) of the card being used to make the payment. It is the first six digits of the card number.
card_brandCase Insensitive StringThe brand of the card being used to make the payment. The supported values are: amex (American Express), visa (Visa), mc (Mastercard), dscvr (Discover), diners (Diners Club), interac (Interac), jcb (JCB), and cup (UnionPay).
card_count_for_billing_address_all_timeBounded numeric (≤25)The number of cards associated with this billing address from transactions on this account. Takes into account payments from 2020 onwards.
card_count_for_billing_address_weeklyBounded numeric (≤25)The number of cards associated with this billing address from transactions on this account (past week).
card_count_for_billing_address_dailyBounded numeric (≤25)The number of cards associated with this billing address from transactions on this account (past hour).
card_count_for_billing_address_hourlyBounded numeric (≤25)The number of cards associated with this billing address from transactions on this account (past day).
card_count_for_customer_all_timeBounded numeric (≤25)The number of cards associated with this Customer object from transactions on this account. Takes into account payments from 2020 onwards.
card_count_for_customer_weeklyBounded numeric (≤25)The number of cards associated with this Customer object from transactions on this account (past week).
card_count_for_customer_dailyBounded numeric (≤25)The number of cards associated with this Customer object from transactions on this account (past day).
card_count_for_customer_hourlyBounded numeric (≤25)The number of cards associated with this Customer object from transactions on this account (past hour).
card_count_for_email_all_timeBounded numeric (≤25)The number of cards associated with this email from transactions on this account. Takes into account payments from 2020 onwards.
card_count_for_email_weeklyBounded numeric (≤25)The number of cards associated with this email from transactions on this account (past week).
card_count_for_email_dailyBounded numeric (≤25)The number of cards associated with this email from transactions on this account (past day).
card_count_for_email_hourlyBounded numeric (≤25)The number of cards associated with this email from transactions on this account (past hour).
card_count_for_ip_address_all_timeBounded numeric (≤25)The number of cards associated with this IP address from transactions on your account. Takes into account payments from 2020 onwards.
card_count_for_ip_address_weeklyBounded numeric (≤25)The number of cards associated with this IP address from transactions on your account (past week).
card_count_for_ip_address_dailyBounded numeric (≤25)The number of cards associated with this IP address from transactions on your account (past day).
card_count_for_ip_address_hourlyBounded numeric (≤25)The number of cards associated with this IP address from transactions on your account (past hour).
card_count_for_shipping_address_all_timeBounded numeric (≤25)The number of cards associated with this shipping address from transactions on your account. Takes into account payments from 2020 onwards.
card_count_for_shipping_address_weeklyBounded numeric (≤25)The number of cards associated with this shipping address from transactions on your account (past week).
card_count_for_shipping_address_dailyBounded numeric (≤25)The number of cards associated with this shipping address from transactions on your account (past day).
card_count_for_shipping_address_hourlyBounded numeric (≤25)The number of cards associated with this shipping address from transactions on your account (past hour).
card_countryCase Insensitive CountryThe two-letter code corresponding to the country where the card was issued (for example, US).
card_fingerprintCase Sensitive StringThe fingerprint of the card being used to make the payment. The card fingerprint is a unique identifier of a particular card number.
card_fundingCase Insensitive StringWhether the card is a prepaid, debit, or credit card. The supported values are: credit, debit, prepaid, unknown.
card_3d_secure_supportCase Insensitive StringThe level of 3D Secure support for the card being used to make the payment. The supported values are: required, recommended, optional, and not_supported.
charge_descriptionCase Insensitive StringThe description supplied with the payment.
customerCase Sensitive StringThe Customer object ID supplied with the payment (for example, cus_AeFLnRaI51AbRi).
cvc_checkCase Sensitive StringA check by the card issuer to match the provided CVC (also referred to as CVV) against the information they have on file for the cardholder. The supported values are: pass, fail, unavailable, unchecked, not_provided. (This is a post-authorization attribute.)
declined_charges_per_billing_address_all_timeBounded numeric (≤25)The number of charges declined on this billing address on your account. Takes into account payments from 2020 onwards.
declined_charges_per_billing_address_weeklyBounded numeric (≤25)The number of charges declined on this billing address in the past week on your account.
declined_charges_per_billing_address_dailyBounded numeric (≤25)The number of charges declined on this billing address in the past day on your account.
declined_charges_per_billing_address_hourlyBounded numeric (≤25)The number of charges declined on this billing address in the past hour on your account.
declined_charges_per_card_number_all_timeBounded numeric (≤25)The number of charges declined on this card on your account. Takes into account payments from 2020 onwards.
declined_charges_per_card_number_weeklyBounded numeric (≤25)The number of charges declined on this card in the past week on your account.
declined_charges_per_card_number_dailyBounded numeric (≤25)The number of charges declined on this card in the past day on your account.
declined_charges_per_card_number_hourlyBounded numeric (≤25)The number of charges declined on this card in the past hour on your account.
declined_charges_per_customer_all_timeBounded numeric (≤25)The number of charges declined from this Customer object on your account. Takes into account payments from 2020 onwards.
declined_charges_per_customer_weeklyBounded numeric (≤25)The number of charges declined from this Customer object in the past week on your account.
declined_charges_per_customer_dailyBounded numeric (≤25)The number of charges declined from this Customer object in the past day on your account.
declined_charges_per_customer_hourlyBounded numeric (≤25)The number of charges declined from this Customer object in the past hour on your account.
declined_charges_per_shipping_address_all_timeBounded numeric (≤25)The number of charges declined on this shipping address on your account. Takes into account payments from 2020 onwards.
declined_charges_per_shipping_address_weeklyBounded numeric (≤25)The number of charges declined on this shipping address in the past week on your account.
declined_charges_per_shipping_address_dailyBounded numeric (≤25)The number of charges declined on this shipping address in the past day on your account.
declined_charges_per_shipping_address_hourlyBounded numeric (≤25)The number of charges declined on this shipping address in the past hour on your account.
declined_charges_per_ip_address_all_timeBounded numeric (≤25)The number of charges declined on this IP address on your account. Takes into account payments from 2020 onwards.
declined_charges_per_ip_address_weeklyBounded numeric (≤25)The number of charges declined on this IP address in the past week on your account.
declined_charges_per_ip_address_dailyBounded numeric (≤25)The number of charges declined on this IP address in the past day on your account.
declined_charges_per_ip_address_hourlyBounded numeric (≤25)The number of charges declined on this IP address in the past hour on your account.
declined_charges_per_email_all_timeBounded numeric (≤25)The number of charges declined from this email on your account. Takes into account payments from 2020 onwards.
declined_charges_per_email_weeklyBounded numeric (≤25)The number of charges declined from this email in the past week on your account.
declined_charges_per_email_dailyBounded numeric (≤25)The number of charges declined from this email in the past day on your account.
declined_charges_per_email_hourlyBounded numeric (≤25)The number of charges declined from this email in the past hour on your account.
destinationCase Sensitive StringFor Connect users creating destination charges, the destination account on whose behalf the charge is made (for example, acct_19KCB9AlaaEw6AgR).
digital_walletCase Insensitive StringThe type of digital wallet used to store payment information. The supported values are: android_pay, amex_express_checkout, apple_pay, masterpass, samsung_pay, unknown, visa_checkout, none. Note: Except for android_pay (valid with or without cryptogram), these are only valid when we’ve received a cryptogram that can only be generated by a registered device, as opposed to an unencrypted Primary Account Number.
dispute_count_on_card_number_all_timeBounded numeric (<=25)Count of fraudulent disputes associated with charges from this card number on your account. Takes into account payments from 2019 onwards.
dispute_count_on_card_number_yearlyBounded numeric (<=25)Count of fraudulent disputes associated with charges from this card number on your account in the past year.
dispute_count_on_ip_all_timeBounded numeric (≤25)Count of fraudulent disputes associated with charges from this IP address on your account. Takes into account payments from 2020 onwards.
dispute_count_on_ip_weeklyBounded numeric (≤25)Count of fraudulent disputes associated with charges from this IP address on your account in the past week.
dispute_count_on_ip_dailyBounded numeric (≤25)Count of fraudulent disputes associated with charges from this IP address on your account in the past day.
dispute_count_on_ip_hourlyBounded numeric (≤25)Count of fraudulent disputes associated with charges from this IP address on your account in the past hour.
distance_between_billing_and_shipping_addressNumericThe distance (in km) between the provided billing address and the provided shipping address.
distance_between_ip_and_billing_addressNumericThe distance (in km) between the IP address from which the payment originates and the provided billing address.
distance_between_ip_and_shipping_addressNumericThe distance (in km) between the IP address from which the payment originates and the provided shipping address.
emailCase Insensitive StringThe email address supplied with the payment (for example, user@example.com).
efw_count_on_card_all_timeBounded numeric (≤25)The number of EFWs associated with charges from this card on your account. Takes into account EFWs from 2020 onwards.
efw_count_on_card_weeklyBounded numeric (≤25)The number of EFWs associated with charges from this card on your account in the past week.
efw_count_on_card_dailyBounded numeric (≤25)The number of EFWs associated with charges from this card on your account in the past day.
efw_count_on_card_hourlyBounded numeric (≤25)The number of EFWs associated with charges from this card on your account in the past hour.
efw_count_on_ip_all_timeBounded numeric (≤25)The number of EFWs associated with charges from this IP address on your account. Takes into account EFWs from 2020 onwards.
efw_count_on_ip_weeklyBounded numeric (≤25)The number of EFWs associated with charges from this IP address on your account in the past week.
efw_count_on_ip_dailyBounded numeric (≤25)The number of EFWs associated with charges from this IP address on your account in the past day.
efw_count_on_ip_hourlyBounded numeric (≤25)The number of EFWs associated with charges from this IP address on your account in the past hour.
email_count_for_billing_address_all_timeBounded numeric (≤25)The number of emails associated with this billing address from transactions on your account. Takes into account payments from 2020 onwards.
email_count_for_billing_address_weeklyBounded numeric (≤25)The number of emails associated with this billing address from transactions on your account in the past week.
email_count_for_billing_address_dailyBounded numeric (≤25)The number of emails associated with this billing address from transactions on your account in the past day.
email_count_for_billing_address_hourlyBounded numeric (≤25)The number of emails associated with this billing address from transactions on your account in the past hour.
email_count_for_card_all_timeBounded numeric (≤25)The number of emails associated with this card from transactions on your account. Takes into account payments from 2020 onwards.
email_count_for_card_weeklyBounded numeric (≤25)The number of emails associated with this card from transactions on your account in the past week.
email_count_for_card_dailyBounded numeric (≤25)The number of emails associated with this card from transactions on your account in the past day.
email_count_for_card_hourlyBounded numeric (≤25)The number of emails associated with this card from transactions on your account in the past hour.
email_count_for_ip_all_timeBounded numeric (≤25)The number of emails associated with this IP address from transactions on your account. Takes into account payments from 2020 onwards.
email_count_for_ip_weeklyBounded numeric (≤25)The number of emails associated with this IP address from transactions on your account in the past week.
email_count_for_ip_dailyBounded numeric (≤25)The number of emails associated with this IP address from transactions on your account in the past day.
email_count_for_ip_hourlyBounded numeric (≤25)The number of emails associated with this IP address from transactions on your account in the past hour.
email_count_for_shipping_address_all_timeBounded numeric (≤25)The number of emails associated with this shipping address from transactions on your account. Takes into account payments from 2020 onwards.
email_count_for_shipping_address_weeklyBounded numeric (≤25)The number of emails associated with this shipping address from transactions on your account in the past week.
email_count_for_shipping_address_dailyBounded numeric (≤25)The number of emails associated with this shipping address from transactions on your account in the past day.
email_count_for_shipping_address_hourlyBounded numeric (≤25)The number of emails associated with this shipping address from transactions on your account in the past hour.
email_domainCase Insensitive StringThe domain of the email address supplied with the payment (for example, example.com).
has_cryptogramBooleanTrue when we’ve received a cryptogram that can only be generated by a registered device, as opposed to an unencrypted Primary Account Number.
has_liability_shiftBooleanTrue if the fraud liability has been shifted for this payment.
hours_since_customer_was_createdNumericThe number of hours since the Customer object making the payment was created on your account.
hours_since_email_first_seenNumericThe number of hours since the email address supplied with the payment was first seen on your account. Takes into account payments from 2020 onwards.
hours_since_email_first_seen_on_stripeNumericThe number of hours since the email address supplied with the payment was first seen on Stripe overall. Takes into account payments from 2020 onwards.
hours_since_card_first_seenNumericThe number of hours since the card for the payment was first seen on your account. Takes into account payments from 2020 onwards.
hours_since_first_successful_auth_on_cardNumericThe number of hours since the first successful auth for the card associated with the payment happened on your account. Takes into account payments from 2020 onwards.
ip_addressCase Insensitive StringThe IP address from which the payment originates.
ip_address_connection_typeStringThe connection type of the IP address from which the payment originates. We identify the following types of connections: cable/dsl, cellular, corporate, dialup.
ip_countryCase Insensitive CountryThe two-letter code corresponding to the country-level geolocation of the IP address that the payment originates from (for example, GB).
ip_stateCase Insensitive StateThe ISO code corresponding to the state-level geolocation of the IP address that the payment originates from (for example, CA). If the country does not have a state, this attribute will populate with the country’s closest version of a state.
ispCase Insensitive StringThe internet service provider of the IP address from which the payment originates.
is_3d_secureBooleanIdentifies if the payment uses a 3D Secure source.
is_3d_secure_authenticatedBooleanIdentifies if the payment follows a successfully completed 3D Secure verification with authentication. (Authentication may be either risk-based or challenge-based.)
is_anonymous_ipBooleanIdentifies if the IP address from which the payment originates is a known proxy or Tor exit node. This information is updated daily.
is_checkoutBooleanIdentifies if the payment is processed through Checkout. (This attribute only applies to payments processed through the new version of Checkout and doesn’t capture payments through legacy Checkout.)
is_disposable_emailBooleanIdentifies if the email address supplied with the payment is one used with a known throwaway email address provider. Stripe maintains a list of domains corresponding to throwaway email addresses to provide this attribute.
is_my_login_ipBooleanIdentifies if the IP address from which the payment originates has ever been used to log into your Stripe account. This attribute can be used as a proxy for “is my IP address.”
is_new_card_on_customerBooleanIdentifies if the card associated with this Customer object hasn’t been seen on a payment by that customer on your account.
is_off_sessionBooleanIndicates when a Stripe Billing payment isn’t triggered by direct user action, or when the off_session flag is set at PaymentIntent confirmation.
is_recurringBooleanIdentifies if the payment is recurring. (for example, from subscriptions.)
minutes_since_customer_was_createdNumericThe number of minutes since the Customer object making the payment was created on your account.
minutes_since_email_first_seenNumericThe number of minutes since the email address supplied with the payment was first seen on your account. Takes into account payments from 2020 onwards.
minutes_since_email_first_seen_on_stripeNumericThe number of minutes since the email address supplied with the payment was first seen on Stripe overall. Takes into account payments from 2020 onwards.
minutes_since_card_first_seenNumericThe number of minutes since the card for the payment was first seen on your account. Takes into account payments from 2020 onwards.
minutes_since_first_successful_auth_on_cardNumericThe number of minutes since the first successful auth for the card associated with the payment happened on your account. Takes into account payments from 2020 onwards.
name_count_for_card_all_timeBounded numeric (≤25)The number of names associated with this card from transactions on your account. Takes into account payments from 2020 onwards.
name_count_for_card_weeklyBounded numeric (≤25)The number of names associated with this card from transactions on your account in the past week.
name_count_for_card_dailyBounded numeric (≤25)The number of names associated with this card from transactions on your account in the past day.
name_count_for_card_hourlyBounded numeric (≤25)The number of names associated with this card from transactions on your account in the past hour.
operating_systemCase Insensitive StringThe customer’s operating system name and version.
refund_count_on_card_all_timeBounded numeric (≤25)The number of refunds associated with this billing address from transactions on your account. Takes into account payments from 2020 onwards.
refund_count_on_card_weeklyBounded numeric (≤25)The number of refunds associated with this card from transactions on your account in the past week.
refund_count_on_card_dailyBounded numeric (≤25)The number of refunds associated with this card from transactions on your account in the past day.
refund_count_on_card_hourlyBounded numeric (≤25)The number of refunds associated with this card from transactions on your account in the past hour.
refund_count_on_customer_all_timeBounded numeric (≤25)The number of refunds associated with this Customer object object from transactions on your account. Takes into account payments from 2020 onwards.
refund_count_on_customer_weeklyBounded numeric (≤25)The number of refunds associated with this Customer object object from transactions on your account in the past week.
refund_count_on_customer_dailyBounded numeric (≤25)The number of refunds associated with this Customer object object from transactions on your account in the past day.
refund_count_on_customer_hourlyBounded numeric (≤25)The number of refunds associated with this Customer object object from transactions on your account in the past hour.
risk_levelCase Insensitive StringThe risk level of a given payment, as determined by Stripe. The supported values are: normal, elevated, highest, not_assessed.
risk_scoreNumericThe risk score of a given payment, as determined by Stripe. The values range between 0 (least risky) and 100 (riskiest). By default, a risk score of 65 or above corresponds to a risk level of elevated, while a risk score of 75 or above corresponds to a risk level of highest. You can adjust the thresholds at Risk Settings.
seconds_since_customer_was_createdNumericThe number of seconds since the Customer object making the payment was created on your account.
seconds_since_email_first_seenNumericThe number of seconds since the email address supplied with the payment was first seen on your account. Takes into account payments from 2020 onwards.
seconds_since_email_first_seen_on_stripeNumericThe number of seconds since the email address supplied with the payment was first seen on Stripe overall. Takes into account payments from 2020 onwards.
seconds_since_card_first_seenNumericThe number of seconds since the card for the payment was first seen on your account. Takes into account payments from 2020 onwards.
seconds_since_first_successful_auth_on_cardNumericThe number of seconds since the first successful auth for the card associated with the payment happened on your account. Takes into account payments from 2020 onwards.
shipping_addressCase Insensitive StringThe full provided shipping address.
shipping_address_line1Case Insensitive StringThe first line of the provided shipping address (typically a street name and number).
shipping_address_line2Case Insensitive StringThe second line of the provided shipping address (typically an apartment or unit number).
shipping_address_postal_codeCase Insensitive StringThe postal code (ZIP) of the provided shipping address.
shipping_address_cityCase Insensitive StringThe city of the provided shipping address.
shipping_address_stateCase Insensitive StringThe state of the provided shipping address.
shipping_address_countryCase Insensitive CountryThe two-letter code corresponding to the country of the provided shipping address (for example, US).
total_charges_per_billing_address_all_timeBounded numeric (≤25)The total number of charges on this billing address on your account. Takes into account payments from 2020 onwards.
total_charges_per_billing_address_weeklyBounded numeric (≤25)The total number of charges on this billing address in the past week on your account.
total_charges_per_billing_address_dailyBounded numeric (≤25)The total number of charges on this billing address in the past day on your account.
total_charges_per_billing_address_hourlyBounded numeric (≤25)The total number of charges on this billing address in the past hour on your account.
total_charges_per_card_number_all_timeBounded numeric (≤25)The total number of charges on this card on your account. Takes into account payments from 2020 onwards.
total_charges_per_card_number_weeklyBounded numeric (≤25)The total number of charges on this card in the past week on your account.
total_charges_per_card_number_dailyBounded numeric (≤25)The total number of charges on this card in the past day on your account.
total_charges_per_card_number_hourlyBounded numeric (≤25)The total number of charges on this card in the past hour on your account.
total_charges_per_customer_all_timeBounded numeric (≤25)The total number of charges from this Customer object on your account. Takes into account payments from 2020 onwards.
total_charges_per_customer_weeklyBounded numeric (≤25)The total number of charges from this Customer object in the past week on your account.
total_charges_per_customer_dailyBounded numeric (≤25)The total number of charges from this Customer object in the past day on your account.
total_charges_per_customer_hourlyBounded numeric (≤25)The total number of charges from this Customer object in the past hour on your account.
total_charges_per_email_all_timeBounded numeric (≤25)The total number of charges from this email on your account. Takes into account payments from 2020 onwards.
total_charges_per_email_weeklyBounded numeric (≤25)The total number of charges from this email in the past week on your account.
total_charges_per_email_dailyBounded numeric (≤25)The total number of charges from this email in the past day on your account.
total_charges_per_email_hourlyBounded numeric (≤25)The total number of charges from this email in the past hour on your account.
total_charges_per_ip_address_all_timeBounded numeric (≤25)The total number of charges from this IP address on your account. Takes into account payments from 2020 onwards.
total_charges_per_ip_address_weeklyBounded numeric (≤25)The total number of charges from this IP address in the past week on your account.
total_charges_per_ip_address_dailyBounded numeric (≤25)The total number of charges from this IP address in the past day on your account.
total_charges_per_ip_address_hourlyBounded numeric (≤25)The total number of charges from this IP address in the past hour on your account.
total_charges_per_shipping_address_all_timeBounded numeric (≤25)The total number of charges from this shipping address on your account. Takes into account payments from 2020 onwards.
total_charges_per_shipping_address_weeklyBounded numeric (≤25)The total number of charges from this shipping address in the past week on your account.
total_charges_per_shipping_address_dailyBounded numeric (≤25)The total number of charges from this shipping address in the past day on your account.
total_charges_per_shipping_address_hourlyBounded numeric (≤25)The total number of charges from this shipping address in the past hour on your account.
total_customers_for_card_yearlyBounded numeric (≤25)The total number of Customer objects associated with this card on your account. This attribute only includes live mode Customer objects that interacted with your account in the past year. This data updates at most every 72 hours.
total_customers_for_card_weeklyBounded numeric (≤25)The total number of Customer objects associated with this card on your account. This attribute only includes live mode Customer objects that interacted with your account in the past week. This data updates at most every 72 hours.
total_customers_for_email_yearlyBounded numeric (≤25)The total number of Customer objects associated with this email on your account. This attribute only includes live mode Customer objects that interacted with your account in the past year. This data updates at most every 72 hours.
total_customers_for_email_weeklyBounded numeric (≤25)The total number of Customer objects associated with this email on your account. This attribute only includes live mode Customer objects that interacted with your account in the past week. This data updates at most every 72 hours.
total_customers_with_prior_fraud_activity_for_card_yearlyBounded numeric (≤25)The total number of Customer objects associated with this card that have fraud activity on your account. Fraud activity includes fraud disputes, early fraud warnings, and high risk Radar blocks. This attribute only includes live mode Customer objects that interacted with your account in the past year. This data updates at most every 72 hours.
total_customers_with_prior_fraud_activity_for_card_weeklyBounded numeric (≤25)The total number of Customer objects associated with this card that have fraud activity on your account. Fraud activity includes fraud disputes, early fraud warnings, and high risk Radar blocks. This attribute only includes live mode Customer objects that interacted with your account in the past week. This data updates at most every 72 hours.
total_customers_with_prior_fraud_activity_for_email_yearlyBounded numeric (≤25)The total number of Customer objects associated with this email that have fraud activity on your account. Fraud activity includes fraud disputes, early fraud warnings, and high risk Radar blocks. This attribute only includes live mode Customer objects that interacted with your account in the past year. This data updates at most every 72 hours.
total_customers_with_prior_fraud_activity_for_email_weeklyBounded numeric (≤25)The total number of Customer objects associated with this email that have fraud activity on your account. Fraud activity includes fraud disputes, early fraud warnings, and high risk Radar blocks. This attribute only includes live mode Customer objects that interacted with your account in the past week. This data updates at most every 72 hours.
total_usd_amount_charged_on_card_all_timeNumericThe total amount (in USD) of transactions from this card that were attempted on your account. Takes into account payments from 2020 onwards.
total_usd_amount_charged_on_customer_all_timeNumericThe total amount (in USD) of transactions from this Customer object that were attempted on your account. Takes into account payments from 2020 onwards.
total_usd_amount_failed_on_card_all_timeNumericThe total amount (in USD) of transactions from this card that failed (were blocked or declined) on your account. Takes into account payments from 2020 onwards.
total_usd_amount_failed_on_customer_all_timeNumericThe total amount (in USD) of transactions from this Customer object that failed (were blocked or declined) on your account. Takes into account payments from 2020 onwards.
total_usd_amount_successful_on_card_all_timeNumericThe total amount (in USD) of transactions that resulted in an authorization for the card on your account. Takes into account payments from 2020 onwards.
total_usd_amount_successful_on_customer_all_timeNumericThe total amount (in USD) of transactions that resulted in an authorization for the Customer object on your account. Takes into account payments from 2020 onwards.
transaction_typeStringThe type of the transaction. The supported values are: charge, payment_intent, setup_intent. The payment_intent value is only supported for Request Credentials rules. In such a case any Allow, Block, or Review rules would run against the charge attempts created when confirming the payment.
user_agentStringThe customer’s user agent.

The email_domain and is_disposable_email attributes use the email address found in any of the following fields:

  • The receipt_email of the payment
  • The description of the payment
  • The name of the card (if an email address has been provided as the cardholder name)
  • The email of the customer that the payment was created on
  • The description of the customer

Converted amounts

When using amount_in_xyz, Stripe automatically determines the converted amount of any payment when checking if the amount matches your chosen criteria. For example, if you create a rule using amount_in_usd to block all payments greater than 1,000 USD, Stripe would block a payment of a lower nominal amount in a different currency (for example, 900 GBP) if its equivalent converted value exceeds 1,000 USD.

“Takes into account payments from 2020 onwards” in practice

The descriptions of some rule attributes include the phrase “takes into account payments from 2020 onwards”. This means that the rule would treat a card that last transacted with your business in 2019 the same as a card that’s new to your business. You should carefully consider what this means in the context of your business and rules as it could result in counterintuitive behavior. For example, if you create a rule to block high-value payments from new cards, you might end up blocking a good customer who hasn’t made a purchase since 2019.

“This attribute only includes live mode Customer objects that interacted with your account in the past <week, year>. This data updates at most every 72 hours.” in practice

The descriptions of some rule attributes include the sentences “This attribute only includes live mode Customer objects that interacted with your account in the past <week, year>. This data updates at most every 72 hours.” This means that live mode Customer objects that were created, charged, or updated on your account in the past week or year are included in these counts. However, the count doesn’t update immediately and might take up to 72 hours to propagate through the system, though often times these counters update sooner than 72 hours.

Operators

A condition’s operator denotes the comparison between the payment’s attribute and the value you provide. Different operators are available, depending on the type of attribute being used.

OperatorStringMetadataCountryStateNumericDescriptionExample
=✔︎✔︎✔︎✔︎✔︎Equal to:card_country: = 'us'
!=✔︎✔︎✔︎✔︎✔︎Not equal to:card_funding: != 'prepaid'
<✔︎Less than:amount_in_gbp: < 10.00
>✔︎Greater than:amount_in_usd: > 500.00
<=︎✔︎Less than or equal to:amount_in_eur: <= 100.00
>=✔︎Greater than or equal to:amount_in_cad: >= 10.00
IN✔✔︎✔✔︎✔︎Is in the group:card_country: IN ('gb', 'ie')
INCLUDES✔✔︎✔✔Contains the string:ip_address: INCLUDES '192.168'
LIKE✔✔︎✔✔Matches the given pattern. Use the wildcard character % to match zero or any number of letters, digits or symbols.:email: LIKE 'fraud%@stripe.com'

Lists

You can reference a group of values in your rules through lists. All list aliases referenced in rules must start with @. To construct a rule referencing a list, follow the structure:

{action} [attribute] in [list]

For example, say you have a list of card countries you’d like to block. You could write a rule using several OR clauses:

Block if :card_country: = 'CA' OR :card_country: = 'DE' OR :card_country: = 'AE'

You could also write a rule using an inline list:

Block if :card_country: IN ('CA', 'DE', 'AE')

You could also create a list of card countries you want to block, named card_countries_to_block. You can then add the countries of your choice to the list and reference that list in a rule:

Block if :card_country: in @card_countries_to_block

Referencing a list in a rule allows you to edit a large number of items in one place instead of maintaining many individual rules.

EU merchants should be aware of the Geo-blocking Regulation and its prohibitions on blocking payments from customers based in EU member states. Learn more about this regulation.

Missing attributes

Typical rule conditions refer to attributes set on every payment, such as :card_country: (which is set on every card-based charge) or a metadata attribute you always send with your payment requests. In some scenarios an attribute might be missing, for example:

  • You have different checkout flows on your site, and some of them don’t collect customers’ email addresses

  • You’ve only recently started using Stripe.js, and so :ip_country: is available on new payments, but not available on historical payments (which we search when previewing rules)

  • For some of your payments, a bug in your integration fails to set an expected metadata key

How rule conditions evaluate missing attributes

Consider the rule Block if :email_domain: = 'definitelyfraud.com'. If you didn’t collect the customer’s email address, the :email_domain: attribute would be missing, and—as you might expect—the rule condition would not match the payment.

Now consider the rule Review if :email_domain: != 'definitelysafe.com'. If the :email_domain: attribute is missing, this rule also doesn’t match the payment. This result might seem a bit surprising, as a missing value is not the same as 'definitelysafe.com'. In this case, we interpret != 'definitelysafe.com' to mean “the attribute has some value other than 'definitelysafe.com',” which a missing attribute doesn’t satisfy.

More generally: any comparison (for example, =, !=, >, <) of a missing feature against another static value or feature (missing or present) always returns false.

Explicit handling with the is_missing function

If you want to explicitly check for the existence of an attribute or metadata attribute, use the is_missing function. Provide this function with the attribute or metadata key that may be missing.

For example, you could write a rule to match all payments where you don’t have access to a customer’s email address:

  • Review if is_missing(:email_domain:)

Or you might write a rule to match all payments that have a certain metadata attribute set:

  • Review if !(is_missing(::foo::))

You can also use the is_missing function in OR or AND conjunctions:

  • Review if is_missing(:email_domain:) OR :email_domain: IN ('yopmail.net', 'yandex.ru')

Complex conditions

You can build complex conditions by joining together basic conditions using the operators AND, OR, and NOT. You can also use their symbolic equivalents: &&, ||, and ! respectively.

Similar to programming languages such as C, Python, and SQL, Stripe supports standard operator precedence (order of operations). For instance, the complex condition:

{condition_X} OR NOT {condition_Y} AND {condition_Z}

is interpreted as:

{condition_X} OR ((NOT {condition_Y}) AND {condition_Z})

Sub-conditional grouping within complex conditions is also supported using parentheses. For instance, you can amend the prior example to explicitly change the evaluation order of sub-predicates:

({condition_X} OR (NOT {condition_Y})) AND {condition_Z}

{condition_X} OR NOT ({condition_Y} AND {condition_Z})

By using parentheses in different locations, each of these complex conditions lead to different results.

Valid conditions

The following conditions are examples of correct use of attributes and a supported operator:

  • :card_brand: = 'amex'
  • :card_country: != 'US'
  • :amount_in_usd: >= 1000.00
  • :is_anonymous_ip:

Invalid conditions

When creating a rule, Radar provides feedback if you attempt to use an invalid condition. For reference, the following are examples of invalid conditions, where the value for an attribute or the operator used isn’t supported:

  • :risk_level: < 'highest' (string values can only make use of = or != operators)
  • :ip_country: = 'Canada' (country values must be expressed in two-letter short code)
  • :amount_in_usd: >= 'one thousand dollars' (numeric values must be expressed in numbers)
  • :is_anonymous_ip: = 'true' (Boolean attributes are not used with operators or values)
Was this page helpful?
Questions? Contact us.
Watch our developer tutorials.
Check out our product changelog.
Powered by Markdoc
You can unsubscribe at any time. Read our privacy policy.
On this page
Rule processing and ordering
Rule structure
Stripe Shell
Test mode
Welcome to the Stripe Shell! Stripe Shell is a browser-based shell with the Stripe CLI pre-installed. Login to your Stripe account and press Control + Backtick on your keyboard to start managing your Stripe resources in test mode. - View supported Stripe commands: - Find webhook events: - Listen for webhook events: - Call Stripe APIs: stripe [api resource] [operation] (e.g. )
The Stripe Shell is best experienced on desktop.
$