Dunning Best Practices for 2026

Generic retry schedules are obsolete. In 2026, every serious recovery tool routes charges to different retry schedules based on the specific decline code.

Insufficient_funds retries on day 2-5 to catch payday cycles. Processing_error retries within 2-4 hours. Card_velocity_exceeded retries after 24 hours. Expired_card skips retries entirely and goes straight to customer email.

The impact is significant. Decline-code-aware scheduling typically recovers 15-25% more than a fixed schedule. If you are still running 'retry on day 1, 3, and 7' for every decline code, you are leaving money on the table.

The old template — 'Your payment of $X has failed. Please update your card or your account will be canceled' — is dead. It is cold, transactional, and triggers anxiety instead of action.

Modern recovery emails are warm, conversational, and brand-aligned. They reassure the customer that their account is still active, explain that payment failures are common and usually a card expiration, and provide a single clear call-to-action button. They use the customer's first name, reference the specific product, and match the voice of the rest of your marketing emails.

A/B tests consistently show that conversational recovery emails outperform transactional ones by 30-50% on click-through and 20-40% on payment update completion.

Strong Customer Authentication (SCA) requirements in Europe and growing use of 3D Secure globally mean that recovery flows must handle authentication_required declines gracefully.

When a charge fails with authentication_required, retrying the raw charge will fail again — the bank needs the customer to complete a 3DS challenge. The recovery flow must send the customer a payment link that triggers the authentication challenge, not just retry the charge blindly.

In 2026, any recovery tool that does not handle SCA properly is losing a significant portion of European and UK recovery opportunity. Make sure your tool of choice supports Stripe's Payment Element and PaymentIntent confirmation flows for authenticated recovery.

Stripe's automatic card updater catches 60-70% of card replacements automatically by pulling updated card numbers from Visa and Mastercard's account updater services. Every Stripe Billing user should have this enabled.

But card updaters miss smaller banks, prepaid cards, and non-US regions. For the 30-40% of replacements that updaters miss, you still need recovery emails to prompt customers to manually update their card.

The 2026 best practice is layering: account updaters catch the easy cases automatically, and your recovery flow handles everything else with emails. This combination eliminates nearly all expired_card churn.

Cutting off access immediately when a payment fails is counterproductive. Give customers a grace period — typically 7-14 days — during which their account remains active while retries and recovery emails run.

The grace period is critical because it avoids angry customers, preserves the relationship, and gives recovery tools time to work. Suspending too early creates churn you could have prevented.

Configure your grace period in Stripe subscription settings or via your recovery tool. Match grace period length to ARPU: shorter grace periods (7 days) for low ARPU, longer (14-21 days) for high ARPU accounts where manual follow-up makes sense.

Recovery rate is a starting metric, not an ending one. In 2026, sophisticated dunning programs track:

Recovery rate by decline code — are you recovering insufficient_funds charges well but missing expired_card? The breakdown tells you where to invest.

Time to recovery — median hours from failure to successful recovery. Faster is better for customer experience and cash flow.

Recovery by customer segment — are you recovering your high-value accounts at a higher rate than long-tail customers? If not, consider manual outreach for top accounts.

Revenue recovered vs revenue at risk — the dollar view matters more than the count view for financial reporting.

Revive exposes all of these metrics by default, so you can optimize without building custom dashboards.