Alerts Configuration
You can't respond to problems you don't know about. Most merchants discover chargebacks days late, miss KYC document requests, and find out about payout issues when payroll bounces.
Proper alerts turn reactive firefighting into proactive management.
What Matters
- Email alerts are the minimum. If your processor emails go to spam, you're blind.
- Chargeback alerts need immediate action. Hours matter for response windows.
- Escalation routing prevents single points of failure. Backup recipients are mandatory.
- Test your alerts. An untested alert is an unreliable alert.
- Alert fatigue is real. Too many low-priority notifications and you'll ignore the important ones.
Essential Alerts to Enable
Tier 1: Enable Immediately
| Alert | Why It's Critical | Response Time |
|---|---|---|
| Chargeback notification | Dispute response deadlines are short | Within 24 hours |
| Fraud alert (TC40/SAFE) | Early warning of fraud reports | Within 48 hours |
| KYC/KYB document request | Delays cause payout holds | Within 24 hours |
| Account health warning | Approaching thresholds | Same day |
| Payout failure | Cash flow impact | Immediate |
Tier 2: Enable for Operational Visibility
| Alert | Why It Matters | Response Time |
|---|---|---|
| Large transaction alert | Fraud/error detection | Same day review |
| Deposit confirmation | Cash flow tracking | Daily reconciliation |
| Reserve change | Cash flow impact | Within 48 hours |
| Failed transaction spike | Technical or fraud issue | Within hours |
| Refund velocity alert | Abuse or operational issue | Same day |
Tier 3: Enable Based on Volume
| Alert | When to Enable |
|---|---|
| Auth rate drop | Over $100k/mo |
| Decline code distribution shift | Over $100k/mo |
| Velocity threshold breach | If you have velocity rules |
| 3DS challenge rate spike | If using 3DS |
Email Deliverability Setup
Alerts are useless if they go to spam.
Before Launch
-
Allowlist processor domains
- Add processor email domains to safe senders
- Common:
@stripe.com,@squareup.com,@paypal.com,@braintreegateway.com - Check your processor's documentation for all sending domains
-
Use a dedicated inbox
- Create
payments@yourcompany.comor similar - Don't use a personal inbox that gets cluttered
- Create
-
Add backup recipients
- At least two people on critical alerts
- Different email domains if possible (backup on personal email)
-
Check spam folder during week 1
- After enabling alerts, check spam daily for first week
- Train spam filter by marking legitimate alerts as "not spam"
Test Email Delivery
- Trigger a test alert (most processors have test mode)
- Verify arrival in primary inbox
- Check arrival at backup recipient
- Measure delivery time (should be near-instant)
Escalation Configuration
Who Gets What
| Alert Type | Primary | Backup | Escalation |
|---|---|---|---|
| Chargebacks | Ops lead | Finance | Owner/CFO if no response in 24h |
| KYC requests | Finance | Ops lead | Owner if no response in 12h |
| Payout issues | Finance | Owner | — |
| Fraud alerts | Fraud/ops | Owner | — |
| Technical alerts | Dev/tech | Ops | — |
Time-of-Day Routing
If your processor supports it:
- Business hours: Route to ops team
- After hours: Route to on-call or owner
- Weekends: Route to personal email with text backup
Backup Recipient Rules
- Always have a backup. Single points of failure = missed alerts.
- Different person, not just different email. Two emails to the same person doesn't help if they're on vacation.
- Different domain for critical alerts. If company email goes down, personal backup still works.
Testing Your Alerts
"Prove Alerts Fire" Checklist
Before going live, verify each critical alert:
- Triggered test chargeback notification (via sandbox/test mode)
- Verified email arrived in inbox (not spam)
- Confirmed backup recipient received copy
- Tested response workflow (clicked links, accessed dashboard)
- Verified mobile delivery (if using mobile email)
- Tested webhook delivery (if applicable)
Periodic Fire Drills
Monthly or quarterly:
- Trigger a test alert
- Time response from alert to action
- Verify all recipients received it
- Document any failures and fix
What to Do When Test Fails
| Failure | Fix |
|---|---|
| Alert didn't send | Check processor settings, contact support |
| Alert went to spam | Add to safe senders, train filter |
| Backup didn't receive | Verify backup email, check their spam |
| Delayed delivery | Check processor status, consider SMS backup |
Webhook Basics for Operators
Webhooks are automated notifications from your processor to your systems. You don't need to code them, but you need to know if they're working.
What a Webhook Is
- Push notification to your system (not email)
- Triggers automated workflows (update database, send internal alert)
- Real-time delivery (faster than email)
Operator Questions to Ask
Ask Your Dev
"Are our webhooks configured and monitored? How do we know if a webhook fails? What alerts depend on webhooks?"
What Happens When Webhooks Fail
- Silent failures: You don't know something happened
- Delayed processing: Orders sit in limbo
- Missed chargebacks: Response deadlines pass
- Reconciliation gaps: Systems out of sync
Webhook Monitoring
Ask your dev team to confirm:
- Webhook endpoint is monitored for uptime
- Failed webhook deliveries trigger alerts
- Retry logic handles temporary failures
- Logs exist for debugging
Alert Fatigue Prevention
Too many alerts = ignored alerts.
Consolidation Strategies
| Instead of | Do This |
|---|---|
| Alert per transaction over $100 | Daily digest of large transactions |
| Every declined transaction | Alert only if decline rate spikes |
| Every refund | Alert only if refund velocity exceeds threshold |
Priority Levels
| Priority | Examples | Delivery |
|---|---|---|
| Critical | Chargeback, KYC request, payout failure | Immediate email + SMS if available |
| High | Large transaction, fraud alert, reserve change | Immediate email |
| Medium | Auth rate shift, decline pattern change | Daily digest |
| Low | Routine confirmations | Weekly digest or dashboard only |
Review and Prune
Monthly:
- Which alerts did you act on?
- Which alerts did you ignore?
- Turn off or digest the ignored ones
Processor-Specific Setup
Stripe
Dashboard: Settings → Business settings → Notifications
Key alerts:
- Disputes (chargebacks)
- Payouts
- Account updates (verification requests)
- Radar for Fraud Teams alerts (if enabled)
Square
Dashboard: Settings → Notifications
Key alerts:
- Disputes
- Deposit notifications
- Account alerts
PayPal
Dashboard: Settings → Notifications
Key alerts:
- Dispute notifications
- Transaction alerts
- Account limitations
Braintree
Control Panel: Settings → Notifications
Key alerts:
- Dispute notifications
- Webhook configurations
- Account alerts
Test to Run
1-week alerts audit:
Day 1-2: Setup
- Document current alert configuration
- Identify missing critical alerts
- Add backup recipients
- Check spam folders
Day 3-5: Verify
- Trigger test alerts for each type
- Verify delivery to primary and backup
- Time delivery speed
- Test response workflow
Day 6-7: Optimize
- Remove low-value alerts
- Consolidate into digests where appropriate
- Document final configuration
Success criteria: All Tier 1 alerts enabled and tested. Backup recipients confirmed. No alerts going to spam.
Scale Callout
| Volume | Focus |
|---|---|
| Under $100k/mo | Tier 1 alerts only. Email is fine. Owner as primary and backup recipient. |
| $100k-$1M/mo | Tier 1 + Tier 2. Dedicated payments inbox. Ops lead as primary. |
| Over $1M/mo | All tiers. Webhook-based automation. Dedicated monitoring. On-call rotation for critical alerts. |
Where This Breaks
-
Email deliverability problems. Alerts going to spam is the #1 failure. Check weekly until you trust the setup.
-
Alert fatigue. If you're ignoring alerts, you'll miss the important one. Prune aggressively.
-
Single recipient failures. Person on vacation, email full, left the company. Always have a backup.
-
Webhook silent failures. If your system depends on webhooks and they fail silently, you're blind. Monitor webhook health.
Cross-Links
Understand payout timing before setting alert expectations:
- Payout Strategy — know when money should arrive so you can alert on delays
Related operational guides:
- Processor Reporting Checklist - Data requirements
- Operations Index - Full operations guide
- Chargeback Alerts - Ethoca, Verifi details
- Chargeback Metrics - Tracking ratios
- Fraud Metrics - Monitoring fraud rates
- Network Programs - Threshold monitoring
- Holds and Reserves - Understanding holds
- Reading Statements - Understanding costs
- Processor Management - Working with processors
- Operations Checklist - Daily monitoring routine
- Who Owns What - Alert routing ownership
- Reduce Chargebacks Fast - When alerts show spikes
Next Steps
Setting up alerts?
- Enable Tier 1 alerts - Chargebacks, fraud, KYC, payouts
- Fix email deliverability - Check spam, allowlist domains
- Add backup recipients - Different person, different domain
Testing alerts?
- Run prove alerts fire checklist - Test each critical alert
- Verify backup delivery - All recipients receive
- Schedule periodic fire drills - Monthly or quarterly
Reducing alert fatigue?
- Consolidate to digests - Daily instead of per-transaction
- Set priority levels - Critical vs low
- Review and prune monthly - Turn off ignored alerts
Analyst Layer: Metrics to Track
| Metric | What It Tells You | Target |
|---|---|---|
| Alert-to-action time | Response speed | Critical: same day |
| Alert volume by type | Noise level | Trend down over time |
| Missed alert rate | Deliverability issues | 0% |
| False positive rate | Alert quality | Minimize |
| Escalation frequency | Primary recipient reliability | Rare |