Compromised card alertingBeta
Cancel and reissue a card, file disputes, or notify a cardholder based on Stripe notifications.
Cancelling a card suspected to be compromised can help you prevent future fraudulent use of PANs that have been compromised. You can use these indicators to initiate communications and a reissuance workflow for cardholders. If Stripe observes that a card has been successfully used in a card testing attack, we flag the card as compromised.
Mitigate risk and take action
When Stripe observes a successful authorisation during a severe card testing attack (defined as a risk_
of elevated
or highest
), the card’s fraud_
field will have a value of card_
. The started_
value corresponds to the date that the successful authorisation in card testing attack took place. This value won’t update if the card is compromised again in a later attack.
After Stripe sets the type
field to card_
, we recommend contacting the cardholder, cancelling the card, and issuing a new one. This mitigates the risk of subsequent authorisations on what a fraudulent actor likely assumes is a valid PAN that they can use.
Learn more about compromised card alerting
Compromised card alerting is currently limited to beta users. You must be an Issuing customer to join the beta. To request access to the beta, log in to your Stripe account and refresh the page. Contact Stripe for more information.