security_violationhighAffects MRR

Stripe security_violation Error — Causes, Fix & MRR Impact

The Stripe security_violation error occurs when the card issuer declines the transaction (possibly due to a security concern), causing failed charges and MRR risk for SaaS businesses processing subscription payments.

What this means

The bank declined the charge (they may have a security concern). The customer should try again later, use another card, or contact their bank.

Why it happens

Issuer security or fraud check

The issuer's security or fraud system flagged the transaction and declined it.

Generic issuer decline

The issuer declined without a specific code; 'security_violation' is the label passed by the network.

Card or account under review

The account or card may be under security review; the issuer does not expose details.

Network or issuer policy

The decline was returned as security_violation by the network or issuer.

MRR Impact

Declines reduce MRR; retries and generic messaging can recover some. Customer may need to contact issuer.

Security violation is shown as generic; retries and update flow protect MRR.

Avg. recovery rate: Variable; retries and alternative payment method help.

Urgency: within 24h

How to fix it

  1. 1

    Treat as generic and retriable

    Do not show 'security_violation' to the customer. Include in retry logic with backoff; use advice_code when available.

  2. 2

    Show generic message

    Display: 'Your card was declined. Please try again, use another card, or contact your card issuer.'

  3. 3

    Send dunning email

    Email that the payment did not go through and ask the customer to verify their card or try another payment method.

  4. 4

    Offer payment method update

    Provide a link to add another card or switch payment method.

  5. 5

    Log for analytics

    Track security_violation with other issuer declines; do not expose in customer-facing content.

Detect security_violation automatically

Track security_violation volume; compare recovery rate with other generic declines.

Monitor your Stripe health free →

FAQ

What does Stripe security_violation mean?
security_violation means the card was declined for an unknown reason; the issuer may have detected a security concern. Stripe recommends the customer contact their card issuer. For SaaS, show a generic decline message and retry with backoff; do not expose the code to the customer.
Should I retry security_violation?
You can retry with backoff; some declines are temporary (e.g. false positive). If retries fail, ask the customer to contact their bank or use another card. Do not expose that the decline was for security.
How do I message security_violation?
Use a generic message: 'Your card was declined. Please try again later, use another card, or contact your card issuer for more information.'
Does security_violation affect MRR?
Yes. Retries and dunning can recover some revenue; treat like other generic issuer declines.

Related errors

fraudulent

The Stripe fraudulent error occurs when Stripe or the issuer suspects the payment is fraudulent, causing the charge to be declined; Stripe requires presenting this as a generic decline to customers for SaaS businesses processing subscription payments.

Affects MRRdo_not_honor

The Stripe do_not_honor error occurs when the card issuer declines the transaction without providing a specific reason, causing failed charges and MRR risk for SaaS businesses processing subscription payments.

Affects MRRgeneric_decline

The Stripe generic_decline error occurs when the card is declined for an unspecified reason or blocked by Stripe Radar or Adaptive Acceptance, causing failed charges and MRR risk for SaaS businesses processing subscription payments.

Affects MRR