Radar Lists Fresh
Create and manage lists of values used in Radar rules to block, allow, or review matching payments.
What lists are for
Instead of writing many individual rules, group similar values into a list and reference the list in a single rule. Examples:
- Email addresses tied to fraud → block list
- Trusted customer IDs → allow list
- Suspicious IP addresses → review list
Default lists
Stripe provides built-in allow and block lists for common data types. You can add and remove items but cannot edit or delete the default lists themselves.
Cards
| List type | Description |
|---|---|
| Card BIN | First 6 digits of card number (e.g., 424242) |
| Card country | 2-letter issuer country code (e.g., US) |
| Card fingerprint | Unique Stripe identifier for a specific card number |
| Charge description | The description field on the payment |
| Client IP country | 2-letter code for the IP geolocation |
| Client IP address | The payment's originating IP address |
| Customer ID | The customer ID on the payment |
| Email from the Charge, Card, or Customer object (in that order) | |
| Email domain | Domain portion of the email |
ACH Direct Debit
| List type | Description |
|---|---|
| ACH fingerprint | Unique Stripe identifier for a bank account |
| Charge description | The description field |
| Client IP country / address | Geolocation and IP data |
| Customer ID | Customer on the payment |
| Email / Email domain | Email from Charge, Bank Account, or Customer |
SEPA Direct Debit
Same structure as ACH, using SEPA fingerprint instead of ACH fingerprint.
Custom lists
Create your own lists for use in custom rules. Available types:
- String
- Case-sensitive string
- Card fingerprint
- Card BIN
- Customer ID
- IP address
- Country
- SEPA Direct Debit fingerprint
- ACH Direct Debit fingerprint
Create a list
Dashboard → Radar → Lists → New:
- Name the list (an alias is auto-generated for use in rules)
- Select the list type
- Click Add
Reference in rules using @alias_name:
Block if :email: in @fraud_emails
Review if :ip_country: in @suspicious_countries
Allow if :customer: in @trusted_customersAdd items via API
bash
# Create a list
curl https://api.stripe.com/v1/radar/value_lists \
-u "sk_test_YOUR_KEY:" \
-d name="Fraud email list" \
-d alias=fraud_emails \
-d item_type=email
# Add an item to the list
curl https://api.stripe.com/v1/radar/value_list_items \
-u "sk_test_YOUR_KEY:" \
-d value_list=rsl_YOUR_LIST_ID \
-d value=fraudster@example.comList limits and expiration
- Maximum 50,000 items per list
- String list items in the Dashboard can have expiration dates
- Default fingerprint allowlist items have a maximum lifespan of 30 days (to prevent fraudsters from becoming permanently whitelisted)
- Custom payment method fingerprint lists can have longer or indefinite windows
Auto-populate from fraud reports
When you refund and report a payment as fraudulent, Stripe automatically:
- Adds the card fingerprint to your default card fingerprint block list
- Adds all card fingerprints attached to the associated Customer object
- Adds the payment's
receipt_email, Customeremail, and any emails in description/card name fields to your email block list
Via API:
bash
curl https://api.stripe.com/v1/charges/{{CHARGE_ID}} \
-u "sk_test_YOUR_KEY:" \
-d "fraud_details[user_report]=fraudulent"Best practices
- Keep allow lists short — they override all other rules including Stripe's AI
- Set expiration dates on allow list items for card fingerprints
- Regularly audit lists for stale entries
- Use email domain lists when a specific domain keeps appearing in fraud patterns
- Combine list membership with risk level in rules to reduce false positives:
Block if :email: in @fraud_emails and :risk_level: != 'normal'