Combating online credit card fraud can feel like an uphill battle for many e-commerce companies today: business owners usually spend hours every day reviewing disputed charges, analyzing suspicious signups, or dealing with profit and reputational hit caused by false declines. Frustrating, isn’t it? That’s where Stripe Radar comes into the picture!
Why do you need a smart solution to prevent credit card fraud?
$20 billion – this is what credit card fraud costs businesses annually, worldwide. Additional related costs, such as increased operational costs, network fees, and customer churn, are not even included in this number. If this wasn’t enough to deal with, sophisticated fraudsters are constantly finding new ways to exploit weaknesses. No wonder companies are using strict rules to block suspected fraudulent charges.
But what’s the problem here?
Old ways of combating fraud are not designed for modern internet businesses and can lead to lower acceptance rates and lost revenue. For instance, hard-coded rules may result in blocking many good transactions. In this case, false declines can cause the business to take both a gross profit and reputational hit. False negatives on the other hand may entail being responsible for the original transaction amount plus chargeback fees, higher network fees as well as higher operational costs from reviewing charges or fighting disputes. If you incur too many disputes, you could even end up in a network chargeback monitoring program involving higher costs or the inability to accept card payments!
This is why, today, businesses need solutions that can precisely distinguish fraudsters from legitimate customers and can quickly adapt to shifting fraud patterns. Stripe Radar is capable of all this, and even more!
What is Stripe Radar?
If you’re using Stripe as your payment service provider (and if you’re also using handy payments plugins for your WordPress site, such as WP Full Pay), you might already be familiar with the security features of these solutions:
What does Stripe Radar add to this list?
Stripe Radar provides fraud prevention in real time for any type of business. It is powered by adaptive machine learning, the result of years of data science, and infrastructure work by Stripe’s dedicated machine learning teams. This enables it to detect more nuanced patterns to help you distinguish fraudsters from customers and maximize revenue.
Stripe Radar’s algorithms evaluate every transaction for fraud risk and take action appropriately. High-scoring payments are blocked, and Radar for Fraud Teams provides additional fraud tools so that you can specify your own criteria to block suspicious payments. The software also takes pride in its ability to quickly adapt its algorithms to shifting fraud patterns and to your unique business needs.
Another key advantage is that Stripe Radar is built directly into Stripe; therefore, it works out of the box. Furthermore, its intuitive user interface, robust self-service library as well as competent live agents make custom rule creation a piece of cake for any business owner!
How is Stripe Radar able to provide such a high level of accuracy?
Stripe Radar’s exceptional precision can be traced back to the fact that Stripe processes hundreds of billions in payments from millions of businesses and interacts with thousands of partner banks across the globe each year. This scale enables Stripe Radar to see signals and patterns much earlier than smaller networks and continuously improve its fraud detection ability.
Stripe Radar pricing
Stripe Radar fees are simple and transparent. The service only costs 5¢ per screened transaction. This fee is even waived for accounts with standard 2.9% + 30¢ pricing.
The more advanced features of Stripe Radar for Fraud Teams cost 7¢ per screened transaction. (This fee is reduced to only 2¢ for accounts with standard pricing.)
Now that you’re familiar with the software’s fees and remarkable capabilities, let’s dive into a more detailed look at how Stripe Radar works!
How exactly does Stripe Radar work?
Stripe Radar comes with some built-in rules that can block many fraudulent payments for you. Stripe Radar for Fraud Teams even allows you to create custom rules specific to your business. If a payment matches the criteria for a rule, Stripe Radar takes the appropriate action, and the payment isn’t evaluated any further.
Four different actions are possible:
- Request 3DS: these are rules that request 3D Secure authentication when used with the Payment Intents API or Checkout. For instance, you may want to request it for all payments that support it and are made by a new customer. Regardless of matches on this rule, allow, block, and review rules are evaluated after it.
- Allow: these are Stripe Radar rules that allow a payment to be processed, regardless of Stripe’s evaluation or any other matching rule. For instance, you may want to use an allow rule to all payments from your call center’s IP address. In this case, payments aren’t evaluated against any block or review rules.
- Block: these are rules that block a payment and reject it. You may want to block payments made from a certain location or cards issued outside your country, for instance. Blocked payments aren’t evaluated against any review rules.
- Review: these rules allow payments to be processed; however, they’re placed into Stripe Radar’s review queue. For example, you might want to review transactions that are greater than a certain amount or use an email address from an unusual domain. Stripe still processes these payments and charges the customer, but you have an additional opportunity to review the order.
The structure of Stripe Radar rules
As you’ll see, Stripe Radar’s rule structure is quite straightforward. It has two components: the action it should take and the condition to evaluate:
{action} if {condition}
What does this look like in practice? A rule to block all payments over 5,000 USD would appear as:
Block if :amount_in_usd: > 5000.00
What’s the action here? Bingo, it’s Block
.
And you might have already guessed the condition: :amount_in_usd: > 5000.00
.
How can you add rules?
You can use the Dashboard to create and manage rules. The process is simple: to create a rule, first decide on the action it should take, then click Add rule.
Before saving it, you can test your rule using your account’s payment history from the last six months to see what effect the rule would have on your business.
Stripe Radar rule examples
To get more practical and also give you an idea of what Stripe Radar is capable of, let’s see some block rules you can use. The same rules can also be used for allow, review, and request 3DS actions, and you can even combine them for more complex use cases.
Rules based on card data
- Block prepaid cards:
Block if :card_funding: = ‘prepaid’
- Block cards of certain brands:
Block if :card_brand: = 'visa'
- Block cards if 3DS is not supported:
Block if :card_3d_secure_support: = 'not_supported'
- Block cards issued in a certain country:
Block if :card_country: = 'CA'
- Block if the card is used X number of times per hour:
Block if :charge_attempts_per_card_number_hourly: > 10
Rules based on customer data
- Block if the country of the customer’s IP address doesn’t match certain criteria:
Block if :ip_country: != 'GB'
- Block based on billing address country:
Block if :billing_address_country: != 'DE'
- Block if the customer uses a disposable email address:
Block if :is_disposable_email:
- Block the customer’s IP address:
Block if :ip_address: = '121.6.645.744'
- Block if the customer’s IP address is anonymized (uses a known proxy or Tor server):
Block if :is_anonymous_ip:
- Block if there are a certain number of cards used from the customer’s IP address:
Block if :card_count_for_ip_address_daily: > 3
- Block if the customer’s email domain is in a preset email domain block list:
Block if :email_domain: in @my_email_domain_blocklist
Rules based on customer’s behavior
- Block if the customer has already made a certain number of payments daily:
Block if :total_charges_per_customer_daily: > 3
Rules based on risk assessment
- Block if the risk is at a certain level:
Block if :risk_level: = 'highest'
- Block if the risk score is greater than a certain value:
Block if :risk_score: > 50
How to know when to create Stripe Radar rules?
Deciding whether or not to create a custom rule can sometimes pose a challenge.
The following questions will guide you to the right answer:
- Are there certain features or user behaviors you deem quite risky?
- Would you benefit from implementing rules based on payment amounts or perceived risk levels?
- Do your existing disputed and refunded payments share any common patterns (such as similar amounts, card types, or countries)?
- Do you have existing rules that you want to use in Stripe as well?
Before implementing any block rule, we advise you to consider whether you’d rather review these payments first. Regarding allow rules, keep in mind that they override Stripe’s default rules along with any other custom rules that match the same criteria. Therefore, try to keep the number of these rules low!
Furthermore, always keep in mind that many of the desired rules may already be covered by Stripe Radar’s machine learning models. So it’s worth seeing how the system performs for your business before customizing it.
Final thoughts
Whether you operate a small business or a thriving enterprise, Stripe Radar provides you with a powerful fraud protection system that can help you improve profitability, save time, and gives you overall peace of mind whenever an order comes through your site. So you can lean back and focus exclusively on leading and growing your business!