Account checklist
Complete this checklist before taking your Stripe account live.
The items in this checklist apply to all Stripe accounts, regardless of how or where you signed up for Stripe. We also have checklists for taking your integration live and adhering to website payment best practices. For the safety and security of your Stripe account, follow these steps before going live:
For security purposes, enable two-factor authentication (2FA) on your Stripe account. Two-factor authentication requires that you log in with both your username and password, and enter a code sent to your mobile device. Using 2FA makes it harder for someone else to access your Stripe account.
The statement descriptor appears on customer statements when you charge their card. Missing or incorrect information can result in confused customers creating disputes, so make sure to review your statement descriptor in the Dashboard. Statement descriptors are limited to between 5 and 22 characters. They must contain at least 5 letters and can’t use the following special characters:
<
,>
,\
,'
, or"
. Stripe also recommends that you add text to your site that tells your users what they’ll see on their statements.The card issuer can automatically include other account information—for example, business name, address, email, or phone number—to show on your customer’s statements. Check that all of this information in your Stripe account is acceptable for your customers to see.
Stripe can notify you of account activity by email. You can choose events to be notified of in your Communication preferences. If multiple team members have access to your account, each one can set their own notification preferences. At a minimum, we recommend turning on emails for successful charges and disputes.
Choose the events to receive notification of in your Communication preferences. Any team member with account access can set their own notification preferences.
Fraud and disputes are unfortunate realities in all commerce. While Stripe is constantly improving its tools to help reduce these incidents, we recommend that you’re set up to:
- Regularly review payments in the Dashboard.
- Report charges that appear suspicious using the Dashboard or API.
- Have evidence at the ready for disputes.
- Prevent and mitigate card testing.
Incorrect bank information is a common cause of payout delays. Before accepting live charges, confirm your bank details are correct. If you process charges in multiple currencies and have multiple bank accounts, also confirm you’ve established the correct default currency. Multiple bank accounts for additional currencies are optional as Stripe can convert any payments into your default currency.
When reviewing your bank information, set your preferred payout schedule. The recommended and default option is daily—as funds become available—but you can change this to best suit your business and reporting needs.
You can give your team members access to your Stripe account. Stripe even lets you give different team members different permissions depending on their roles.
Whenever you give a team member access to your Stripe account, don’t give them your login credentials. We also recommend that you ask your team members to enable 2FA.
If a team member no longer needs access to your Stripe account, remove them from your account.
Review our Prohibited & Restricted businesses list to determine if your business operates in an industry that Stripe restricts or prohibits.
If your business operates in a restricted industry, you might need to provide additional documentation before you can use Stripe as your payment processor. If your business operates in a prohibited industry, you won’t be able to use Stripe.
If you have any questions about onboarding requirements or restrictions applicable to your business, contact us.