compliance_monitoring · workflow

Stripe's ML flywheel reduces successful card testing attacks by 80%

Card testing fraud is difficult to detect because it blends with legitimate traffic and attackers constantly evolve their tactics, making high-precision identification a challenging ML problem.

How it works
Common implementation structure
How this type of workflow is generally built, generalized across documented cases — not tied to any one vendor's stack. Click any stage to read what happens there. Specific products that implement these stages appear in “Tools commonly seen” below.
Stage 1 · Multi-level ML transaction scoring
ML models at three abstraction levels dynamically update the blocking threshold for card testing transactions in real time.
Tools used
ShepherdFlyte
Outcome

Successful card testing attacks on Stripe decreased by 80% over two years, even as payment volume expanded to over $1 trillion.

Results
Time savedwithin hours
Volume80%
Cost replacedover $1 trillion
Source

https://stripe.com/blog/the-ml-flywheel-how-we-continually-improve-our-models-to-reduce-card-testing

How we source this →

Grounding & classification
Source type: technical build writeup
20 fields verified against source quotes.
anomaly detectionfraud detectionpredictive analyticsmetric backednamed customerproduction runtime claimedsource backedtools describedworkflow describedfinancial servicesaccuracy improvementerror reductiontechnical build writeupcompliance monitoringextract classify routemonitor detect alert