FreezeAlert

Stripe Risk Signals: What Triggers an Account Review
MP
Mikita Pitunou
FOUNDER & CEO
Published
APR 15, 2026

Stripe’s risk engine feels like a black box from the outside, but it is not random. It is a system of signals with known inputs, known thresholds, and a logic that — while not published line-by-line — becomes legible once you have seen enough cases. This piece breaks down the six signals that actually drive reviews.

How Stripe’s Risk Engine Actually Thinks

The important thing to understand upfront: no single signal on its own will freeze a healthy account. Stripe’s risk engine computes a composite view — multiple metrics evaluated together, weighted by your account’s history, business model, and trajectory.

That is why two accounts with the same dispute rate can have wildly different outcomes. One is a mature account with two years of clean history, and the elevated disputes are a temporary spike. The other is a new account whose dispute rate has been climbing for four straight weeks. The point value looks identical. The composite trajectory is opposite.

When you see the signals below, read them as inputs to a composite — not as individual thresholds to stay under.

Signal 1: Dispute Rate and the Card Network Thresholds

The most load-bearing signal, because it is the one card networks enforce directly. Visa’s VAMP program and Mastercard’s Excessive Chargeback Program both set ratios that, when breached, impose fines and program enrollment fees that Stripe passes through to the merchant — plus the elevated risk of termination.

The numbers that matter:

  • Visa VAMP warning: starts monitoring at 0.5% dispute ratio.
  • Visa VAMP early warning: 0.65%.
  • Visa VAMP excessive: 0.9% (program enrollment, fines, elevated oversight).
  • Mastercard ECM standard: 1.5% for 3 consecutive months with 100+ disputes.
  • Mastercard ECM excessive: 3% or 300+ disputes per month.

Stripe’s internal warning zone is tighter than the network thresholds — typically around 0.75% — because they want time to act before your account breaches the network level.

Signal 2: Refund Velocity and Timing

Stripe treats refunds as a leading indicator: a customer who gets a refund did not file a dispute, but they were unhappy enough that one of the two was going to happen. A rising refund rate is often the earliest warning that dispute rate will rise next.

The patterns that flag:

  • Refunds within days of the charge. Fast refunds usually mean fulfillment problems, order mistakes, or immediate buyer’s remorse — and they correlate strongly with future dispute risk.
  • Refund clusters. Twenty refunds in a single week against a product line that normally has two. Even if the ratio stays within bounds, the cluster flags.
  • Partial refund patterns. Heavy partial refunds can look like negotiated dispute resolution — customer complained, merchant refunded half to avoid a chargeback. Stripe reads this pattern.

Healthy refund behavior is steady and proportional. Anomalies in timing or clustering matter more than the absolute rate.

Signal 3: Transaction Velocity Anomalies

Velocity is the rate and volume of transactions relative to your account’s baseline. Stripe builds a baseline during your first few months and compares new activity against it continuously.

Signals that flag:

  • Sudden volume spikes. A 5x or 10x day against baseline, especially on a new account, reads as fraud by default.
  • Ticket size anomalies. An account averaging $40 transactions that suddenly processes a $4,000 charge.
  • Card testing patterns. Large numbers of small charges in rapid succession, especially with high decline rates.
  • Time-of-day anomalies. Activity at hours that do not match your historical pattern — a US business suddenly seeing charges at 3am local time.

The mitigation for legitimate spikes is almost always the same: a pre-emptive note to Stripe explaining what is about to happen and why.

Signal 4: Geographic Risk Patterns

Stripe’s risk engine maintains a risk weighting for every country and, in some cases, region. Shifts in your customer geography — especially toward higher-risk areas — register as signals even when the absolute volume is modest.

The geographic factors that move the needle:

  • Country-level risk score. Some countries carry a baseline risk weighting that makes every transaction from them slightly costlier to the composite score.
  • New-geography surges. Sudden growth in a country you have not served before, without a marketing event to explain it.
  • Mismatch between billing and delivery address. A high rate of cross-border transactions where billing and delivery countries differ.
  • IP and card BIN mismatch. Customers charging with cards from one country while browsing from another — a normal pattern for some businesses, a fraud signal for others.

The signal is not that any specific geography is bad. The signal is that unexplained shifts matter.

Signal 5: Business Model Drift

Every Stripe account has a declared business model — what you sell, how you sell it, your fulfillment timeline, your refund policy. Stripe’s risk engine expects your activity to match that declaration, and it notices when it stops matching.

Drift shows up as:

  • Product category changes. A SaaS account that starts processing physical goods. A digital services account that starts selling subscriptions.
  • Ticket size evolution. A business whose average charge grows 5x over two quarters without the business model on file changing.
  • Fulfillment timeline changes. Moving from instant digital delivery to pre-order or long-lead-time fulfillment.
  • B2C to B2B or vice versa. Shifts in customer type that change dispute risk profiles substantially.

Drift is not illegitimate. Businesses evolve. But Stripe needs the declared model to be updated to match — a review that finds mismatched activity versus declared model typically ends with either an update requirement or a reserve.

Signal 6: KYC and Entity Mismatches

The lowest-volume signal, but the one with the highest single-event impact. A KYC mismatch — wrong entity name, unverified beneficial owner, address that does not match bank records — can hold an account indefinitely on its own.

Common mismatch sources:

  • Beneficial ownership changes that never got updated in Stripe.
  • Business address changes that updated in the bank but not in Stripe.
  • Name changes — legal entity rename, DBA shift, or trading name update.
  • Tax ID errors — transposed digits, wrong country format, or expired documentation.

KYC signals are often the easiest to prevent and the hardest to recover from quickly, because they require actual documentation that matches reality.

How These Signals Compound

A single signal moving into the warning zone rarely triggers a review. Two signals together often do. Three signals simultaneously almost always do.

The compound pattern we see most often:

  • Dispute rate rising from 0.4% to 0.7% over four weeks.
  • Refund velocity shifting with a cluster of fast refunds on a specific product line.
  • A volume spike from a campaign that hit an unexpected geography.

No single one of those would freeze an account. All three in the same 30-day window typically does.

That is why composite visibility matters more than any single metric. FreezeAlert connects to your Stripe account read-only and tracks all six signals continuously, with alerts when any one moves into its warning band — and a composite risk score that shows you the trajectory of the whole system, not just the individual inputs. The free tier covers the core signals. Connect in two minutes and start seeing your account the way Stripe’s risk engine sees it.

Found this useful?

Subscribe to get engineering deep dives every week.

Read next

View All
Guide

Stripe Chargeback Threshold: The Math That Matters

Card networks — not Stripe — set the chargeback thresholds that put your account at risk. Here is exactly how the ratios work and how to stay safely below them.

Guide

Stripe Account Frozen? Here Is Exactly What to Do

A practical step-by-step guide for founders whose Stripe account was just frozen. What to check, what to send, what to say, and what not to do in the first 24 hours.

Guide

Stripe Is Holding My Funds: Why and For How Long

Stripe holding your funds or payouts on pause? Here is what each hold type means, how long reserves really last, and how to get money released early.