Error codes
Soft decline
Stripe
security_violation
The card was declined for an unknown reason.
What does security_violation mean?
The security_violation decline code indicates that the issuing bank's risk or security system flagged something about this specific transaction. It is a generic signal that the issuer considered the attempt suspicious — the card itself is usually fine, and the cardholder may not even be aware.
Is it a soft or hard decline?
security_violation is a soft decline. The card account is valid and active; the issuer has simply blocked this specific attempt. Retries with adjusted parameters, different routing, or after a cool-off window frequently succeed.
Common root causes
Velocity triggers — too many attempts on the card in a short time window
Geographic mismatch between cardholder and merchant location
3-D Secure gaps on a transaction the issuer expected to be authenticated
BIN-level risk rules temporarily elevated by the issuer
AVS or CVV inconsistencies from outdated stored data
Recommended recovery steps
Retry with a delay. Many security flags are time-bound; a well-timed retry often succeeds.
Ensure 3DS / SCA is applied where supported. Authenticated transactions carry a liability shift and are less likely to be flagged.
Update AVS and billing data. Stale billing addresses increase risk scores with some issuers.
Route through a different acquirer if available. Acquirer BIN combinations can change the risk profile.
How FlyCode handles security_violation
FlyCode's per-merchant ML models learn the retry patterns that succeed against specific issuers for security_violation declines. Based on network-level data and Mastercard/Visa signals, FlyCode times retries to avoid additional velocity flags and, when needed, triggers step-up authentication or routing changes. For cases where the issuer's block is persistent, the customer is contacted through FlyCode's AI outreach engine to confirm and refresh the payment method.
What does security_violation mean?
The security_violation decline code indicates that the issuing bank's risk or security system flagged something about this specific transaction. It is a generic signal that the issuer considered the attempt suspicious — the card itself is usually fine, and the cardholder may not even be aware.
Is it a soft or hard decline?
security_violation is a soft decline. The card account is valid and active; the issuer has simply blocked this specific attempt. Retries with adjusted parameters, different routing, or after a cool-off window frequently succeed.
Common root causes
Velocity triggers — too many attempts on the card in a short time window
Geographic mismatch between cardholder and merchant location
3-D Secure gaps on a transaction the issuer expected to be authenticated
BIN-level risk rules temporarily elevated by the issuer
AVS or CVV inconsistencies from outdated stored data
Recommended recovery steps
Retry with a delay. Many security flags are time-bound; a well-timed retry often succeeds.
Ensure 3DS / SCA is applied where supported. Authenticated transactions carry a liability shift and are less likely to be flagged.
Update AVS and billing data. Stale billing addresses increase risk scores with some issuers.
Route through a different acquirer if available. Acquirer BIN combinations can change the risk profile.
How FlyCode handles security_violation
FlyCode's per-merchant ML models learn the retry patterns that succeed against specific issuers for security_violation declines. Based on network-level data and Mastercard/Visa signals, FlyCode times retries to avoid additional velocity flags and, when needed, triggers step-up authentication or routing changes. For cases where the issuer's block is persistent, the customer is contacted through FlyCode's AI outreach engine to confirm and refresh the payment method.
What does security_violation mean?
The security_violation decline code indicates that the issuing bank's risk or security system flagged something about this specific transaction. It is a generic signal that the issuer considered the attempt suspicious — the card itself is usually fine, and the cardholder may not even be aware.
Is it a soft or hard decline?
security_violation is a soft decline. The card account is valid and active; the issuer has simply blocked this specific attempt. Retries with adjusted parameters, different routing, or after a cool-off window frequently succeed.
Common root causes
Velocity triggers — too many attempts on the card in a short time window
Geographic mismatch between cardholder and merchant location
3-D Secure gaps on a transaction the issuer expected to be authenticated
BIN-level risk rules temporarily elevated by the issuer
AVS or CVV inconsistencies from outdated stored data
Recommended recovery steps
Retry with a delay. Many security flags are time-bound; a well-timed retry often succeeds.
Ensure 3DS / SCA is applied where supported. Authenticated transactions carry a liability shift and are less likely to be flagged.
Update AVS and billing data. Stale billing addresses increase risk scores with some issuers.
Route through a different acquirer if available. Acquirer BIN combinations can change the risk profile.
How FlyCode handles security_violation
FlyCode's per-merchant ML models learn the retry patterns that succeed against specific issuers for security_violation declines. Based on network-level data and Mastercard/Visa signals, FlyCode times retries to avoid additional velocity flags and, when needed, triggers step-up authentication or routing changes. For cases where the issuer's block is persistent, the customer is contacted through FlyCode's AI outreach engine to confirm and refresh the payment method.
Understanding This Decline Code
Extended content body
Frequently Asked Questions
Is security_violation a soft or hard decline?
What commonly triggers security_violation?
Typical triggers include transaction velocity (too many attempts quickly), geographic mismatches, missing 3-D Secure, BIN-level risk flags, or AVS/CVV inconsistencies from stored data.
How does FlyCode recover security_violation declines?
FlyCode's per-merchant ML models identify whether a security_violation is transient (retry) or persistent (requires customer action), and triggers the appropriate recovery path automatically.
