Getting Started
1. Install the App
Install Sentinel from the Stripe App Marketplace. It adds three views to your Stripe Dashboard:
- Home Overview — 30-day stats, blocked savings, recent scores
- Charge Detail — Per-charge refund risk score on every payment page
- App Settings — Enable/disable, thresholds, trial status, support links
2. Enable Scoring
Open App Settings and toggle "Enable refund scoring" on. Scoring begins immediately. No webhooks to configure, no checkout code changes.
3. Open a Charge
Find a recent charge in your Payments tab. Click into it. The Sentinel card shows the refund risk score and the factors behind it. Your 14-day trial starts when you enable scoring.
Scoring
Sentinel scores every refund request from 0 to 100 using 5 weighted signals. Each signal fires independently, and the total is clamped to 0-100. If a signal is missing (for example, no 3DS data), it's skipped — not penalized.
Signal weights
| Signal | Weight | Triggers when |
|---|---|---|
| Device in abuse network | 30 | Device seen in 3+ refunds across Sentinel |
| Card in abuse network | 28 | Card seen in 2+ refunds across Sentinel |
| Card serial refunder | 25 | Card has 4+ refunds in last 30 days |
| IP in abuse network | 20 | IP seen in 5+ refunds across Sentinel |
| Suspicious IP | 15 | VPN, Tor, or datacenter origin |
| Suspicious timing | 12 | Refund requested within 2 hours of delivery |
| No 3DS at purchase | 10 | Original purchase not 3DS authenticated |
| AVS fail | 8 | Address verification failed at purchase |
| CVC fail | 6 | CVC verification failed at purchase |
Thresholds
Two thresholds split the 0-100 score into three recommendations:
- Score < low threshold (default 30): Approve
- Low ≤ score < high: Request proof
- Score ≥ high threshold (default 70): Pause
You can tune thresholds in App Settings. Recommendations are suggestions — you always make the final call.
Abuse Network
The cross-merchant abuse network aggregates hashed signals (device, IP, card, email) from every Sentinel merchant's refund outcomes. When you approve or block a refund, the signals from that charge update the network's risk weights.
No merchant can see another merchant's scores or customers. The network only exposes aggregate counts (how many refunds, how many merchants) against hashed values. Hashes are one-way and can't be reversed to PII.
The network gets stronger as more merchants join. Early installs see weaker network signal and stronger per-merchant signals (IP, authentication, timing). Expect the network to become a primary driver after ~50 merchants.
API
Sentinel's public endpoints are called by the Stripe App. They're documented here for developers building custom integrations on top.
GET /api/sentinel/refund-status
Returns the Sentinel score for a charge or refund. Computes on demand if one doesn't already exist.
Returns: { cached, id, score, recommendation, risk_factors }
POST /api/sentinel/decision
Record your approve/block decision on a scored refund. Feeds the abuse network.
GET /api/sentinel/dashboard
Aggregate stats, recent scores, and billing status for the 30-day window.
GET/PUT /api/sentinel/settings
Read or update merchant settings (enabled, thresholds, proof request flag).
Billing
Sentinel is $49/month flat, or $39/month with the Reflex bundle. Your first 14 days are free. On day 15, we auto-create a Stripe Customer for your merchant email and send the first invoice via Stripe's hosted page (30-day payment window).
From month 2 on, invoices auto-charge the card you paid the first invoice with. No per-refund fees, no success fees, no usage caps.
Privacy
Sentinel stores: the risk score, the risk factors that fired, your approve/block decision, hashed signal values (device, IP, card fingerprint, email), and charge / refund IDs. We do not store full card numbers, customer names, or email addresses.
Signal hashes are one-way. The abuse network aggregates them across merchants to surface patterns, but no merchant can see another merchant's data.
Data is retained for 13 months per score, matching the refund/chargeback window across all major card networks. See our Privacy Policy for full details.