Many Stripe users assume that once Radar is enabled, fraud is “handled.”
But in reality, a large portion of fraud losses don’t come from blocked payments — they come from payments that were approved successfully.
Approved, charged, settled.
And only later… disputed.
This is not a Stripe bug.
It’s a configuration gap.
In this post, we’ll explain why Stripe Radar can still let risky payments through, what “Ghost Transactions” are, and how to fix the problem using your own payment data — not guesswork.
The Silent Problem: Approved Payments That Shouldn’t Exist
Stripe Radar uses powerful machine learning models. Each payment gets a risk score from 0 to 99. Based on that score and your rules, Stripe can block, review, allow, or challenge a payment with 3D Secure.
Sounds solid — and it is.
But here’s the part many teams miss:
Stripe can approve payments even when key verification checks fail.
That includes:
- CVC failures
- AVS (address or postal code) mismatches
- High-risk cards that don’t trigger default AI rules
If you don’t explicitly tell Radar what to do in these cases, Stripe will often allow the payment by default.
These approvals are what we call Ghost Transactions.
What Are “Ghost Transactions”?
Ghost Transactions are payments that:
- Were successfully approved and charged
- Failed important verification checks (CVC, AVS, etc.)
- Slipped through because no rule explicitly stopped them
They look legitimate in your dashboard.
They don’t trigger alerts.
And they often only surface weeks later as chargebacks.
Ghost Transactions are not rare edge cases — they are a symptom of under-configured Radar setups.
A Quick Primer: What Stripe Radar Actually Does
Stripe Radar is Stripe’s built-in fraud prevention system. It evaluates card payments, wallets, and some debit methods in real time and assigns a risk score (0–99).
Stripe offers several versions:
- Standard Radar – included or add-on for most accounts
- Radar for Fraud Teams – adds custom rules, lists, analytics, and manual reviews
- Radar for Platforms – focused on platform-level fraud
By default, Radar enables AI-based rules like:
- “Block if
:risk_level:is highest” - “Review if
:risk_level:is elevated”
These rules are helpful — but they are generic.
They don’t know:
- How strict you want to be
- Whether a CVC failure should be fatal
- When 3D Secure should be mandatory for your business
That’s where Radar rules come in.
Radar Rules: Power Without Guidance
Radar rules are conditional instructions you define to control payment behavior.
Examples:
- Request 3D Secure for new customers
- Allow payments from known office IPs
- Block mismatched IP country and card country
- Review high-value prepaid cards
Actions include:
- Block
- Allow
- Review
- Request 3D Secure
Rules are evaluated top to bottom, and the first matching rule decides the outcome.
The problem isn’t that Radar rules are weak.
The problem is that most teams don’t know which rules they actually need.
Radar for Fraud Teams: Tools Aren’t Strategy
Radar for Fraud Teams unlocks:
- Advanced custom rules (BIN, card brand, country, 3DS flags)
- Risk score threshold tuning
- Manual review workflows
- Deeper fraud analytics
But tools don’t equal clarity.
Even with Fraud Teams enabled, many businesses still ask:
- Which rules are active right now?
- How do CVC, AVS, and 3DS interact?
- Are we blocking the right things — or just copying templates?
Without data-driven answers, Radar becomes “set it and hope.”
Where GhostAudit Fits In
GhostAudit exists to answer one simple question:
What is actually getting approved in your Stripe account — and shouldn’t be?
GhostAudit connects to Stripe using a restricted read-only key and analyzes your real transaction history.
We look for patterns such as:
- Approved payments with CVC = fail
- Approved payments with postal code verification failures
- Clusters of high-risk countries or prepaid cards
Then we show you:
- Your Ghost Rate — how often failed checks still lead to approval
- The most common risky approval patterns in your account
- Suggested Radar rules aligned with Stripe’s own templates and best practices
No guessing. No generic rule copying.
From “Radar Is On” to a Real Fraud Strategy
Most teams don’t lack fraud tools — they lack visibility.
They know Radar exists, but they don’t know:
- What Radar is allowing
- Where verification failures are being ignored
- How their own data differs from Stripe’s defaults
GhostAudit turns your payment history into evidence.
Instead of reacting to chargebacks, you proactively tune Radar based on what’s already slipping through.
Because fraud isn’t just what Stripe blocks.
It’s what Stripe allows by default.
Want to See Your Own Ghost Transactions?
Reading about Stripe Radar is useful.
Seeing what’s actually slipping through your account is more valuable.
GhostAudit scans your historical Stripe charges using a restricted, read-only key to identify:
- Approved payments with failed CVC or AVS checks
- Risky approval patterns unique to your business
- Where Radar rules could have blocked fraud — but didn’t
If you’re already using Stripe Radar or Radar for Fraud Teams, GhostAudit helps you turn them from “on” into properly configured.
