AltorLabFree Scan →
HomeError CodesSTRIPE_3DS_ABANDONED
stripeshopifyrecharge

Stripe 3DS Authentication Abandoned by Customer

Root cause

The Stripe PaymentIntent for a subscription renewal entered requires_action state (3DS required), the customer was sent the authentication URL, but they did not complete the authentication before the URL expired — typically 24–72 hours depending on the issuer.

Symptoms

How to fix it

1

Detect abandoned 3DS authentications proactively

Monitor for Stripe PaymentIntents in requires_action state that are older than 24 hours. Set up a daily job that queries Stripe for open requires_action PaymentIntents: GET /v1/payment_intents with status=requires_action. For each found, check when it was created — if older than 24 hours without the customer completing authentication, send a follow-up reminder email immediately.

2

Create a new billing attempt after the original PaymentIntent expires

Once the original PaymentIntent expires (moves to canceled), create a new subscriptionBillingAttemptCreate via Shopify or a new Stripe PaymentIntent via Recharge for the missed billing cycle. The new attempt will again trigger requires_action if the card requires 3DS. Send the new authentication URL immediately — do not wait for the customer to notice the failed payment.

3

Reduce future abandonment with better email timing and content

3DS authentication emails are frequently abandoned because customers do not recognize them as legitimate. Improve your authentication email: use a subject line that names your brand and the subscription ('Your [Brand] subscription needs verification — action required'), send it within minutes of the billing failure (not the next day), and include a clear deadline. Send a second email 12 hours before the URL expires as a final reminder.

Frequently asked questions

How long does a Stripe 3DS authentication URL remain valid?

The authentication URL validity depends on the card issuer — typically 24 to 72 hours. After the URL expires, the Stripe PaymentIntent transitions to canceled. You cannot extend the expiry — once canceled, create a new PaymentIntent or billing attempt to get a fresh authentication URL. Send the authentication email within minutes of the billing failure to maximize the window available to the customer.

Is there a way to bypass 3DS for subscription renewals?

Partially. The Merchant-Initiated Transaction (MIT) exemption allows off-session subscription renewals without 3DS if the card was properly set up with a SetupIntent that completed 3DS authentication. If the original subscription setup included a SetupIntent with usage: off_session and the customer completed 3DS during setup, future renewals typically receive the MIT exemption and bypass 3DS entirely.

Detect this error automatically

Free cross-stack scan finds all billing errors in 60 seconds.

Run Free Scan →