Decline Code Analysis: How to Read Decline Codes and Timings as an X-ray

[Good Carder]

From a carder to carders. You've selected a BIN, set up a proxy, warmed up your profile, and hit the card. The system rejects it. You look at the error code and can't figure out: is the card dead or is there a problem with the environment? Is the BIN blacklisted or are there simply insufficient funds? The answer lies in the details — in the decline code and the response time.

In this article, I'll teach you how to read decline codes like an X-ray. You'll learn the meaning of each popular decline code, how to distinguish between an issuer's decline and an antifraud block, how to interpret timings, and how to adjust your strategy based on this information. This isn't theory — it's practice that will save you thousands of dollars in wasted cards.

Part 1. Why a refusal code is a diagnosis, not a death sentence​

When a payment is declined, you see the message "Your card was declined" or "Transaction not approved." But behind the scenes, the payment gateway returns a much more precise code — a decline code. Stripe, Adyen, and Braintree each use their own code sets, but they are standardized across payment systems (Visa, Mastercard, Amex).

The response time (TTFB — Time To First Byte) is your second key tool. It tells you at what stage the decline occurred:

• <1 second - failure at the format validation level or BIN blacklist (the card didn't even reach the bank).
• 1–3 seconds — the request has reached the issuing bank, refusal due to a card-related reason (stop list, balance).
• 3–7 seconds — merchant or gateway anti-fraud is activated (the problem is in the environment, not the card).
• >7 seconds - network problem, proxy or timeout.

By combining code and timing, you can make an accurate diagnosis and decide what to change: the card, the proxy, the behavior, or all of them.

Part 2. Decoding Stripe's Decline Codes (2026)​

Stripe is the most popular gateway, and its codes are worth knowing by heart.

2.1. Card-Related Failures (Timing 1–3 sec)​

Decline code	Meaning	Action
insufficient_funds	Insufficient funds	The card is active, but the balance is less than the amount. Reduce the receipt or check with a micro-receipt.
do_not_honor	The card is on the bank's stop list (stolen, blocked, expired)	The card is dead. Don't waste your time.
lost_card / stolen_card	The card was reported as lost or stolen.	Similar to do_not_honor.
expired_card	Expired	The card is dead.
invalid_number	Invalid number (Luhn does not work)	The seller is a scam. Demand a replacement.
invalid_cvc	Incorrect CVV/CVC	Either the CVV doesn't match, or the card doesn't have a CVV. Check the details.
transaction_not_allowed	The card is not allowed for this type of transaction (e.g. ATM withdrawals only)	Useless for online carding.
withdrawal_limit_exceeded	Daily limit exceeded	Set the card aside for 24 hours.
pick_up_card	The bank requires the card to be confiscated the next time it is used.	The card is compromised. Do not use.

2.2. Antifraud-related failures (timing <1 sec or 3–7 sec)​

Decline code	Meaning	Action
fraudulent	Stripe Radar blocked the transaction.	The problem is in the environment: proxy, fingerprint, behavior. Change everything.
blocked	The card or BIN is blacklisted by the store.	The BIN has expired. Buy cards in a different range.
generic_decline	Generalized refusal (often from antifraud)	Check the timing. If it's >2 seconds, the problem is with the card. If it's <1 second, the problem is with the environment.
authentication_required	3DS required	The card is not suitable for non-3DS purposes. It's useless.

2.3. Technical errors (rare, but they happen)​

Decline code	Meaning	Action
processing_error	Error on the gateway side	Try again in a minute. If it happens again, the problem isn't you.
api_error	API error	Likewise.

Part 3. Timing as an Indicator: Learning to Read Response Time​

Stripe and other gateways return a request-duration header, or you can measure the time from sending the request to receiving the response.

Practical examples:

Situation	Timing	Decline code	Diagnosis
We hit the card and received a response in 0.8 seconds.	<1 sec	generic_decline	Blocked by BIN or fingerprint. Change your proxy and profile.
After 2.5 sec came do_not_honor	1–3 sec	do_not_honor	The card is on the stop list. Throw it away.
Insufficient_funds arrived in 4 seconds.	3–7 sec	insufficient_funds	The card is active but empty. Reduce the amount to $1 and check.
After 5 sec came fraudulent	3–7 sec	fraudulent	Antifraud merchant. Change proxy and fingerprint.
In 0.5 seconds invalid_number	<1 sec	invalid_number	Crap from the seller.

Measurement tool: in the browser console (F12) → Network → find the request to the payment API → Time column.

Part 4. Adyen and Braintree Codes: Key Differences​

4.1. Adyen​

Adyen returns resultCode and refusalReason.

resultCode	refusalReason	Meaning
Refused	NOT_ENOUGH_BALANCE	Insufficient funds
Refused	DO_NOT_HONOR	The card is on the stop list
Refused	FRAUD	Adyen Antifraud
Refused	3D_SECURE_REQUIRED	3DS required
Error	TIMEOUT	Network or proxy problem

4.2. Braintree​

Braintree returns processor_response_code and processor_response_text.

Code	Text	Meaning
2004	Insufficient Funds	Insufficient funds
2005	Do Not Honor	The card is on the stop list
2016	Fraud	Antifraud Braintree (Kount)
2003	Expired Card	The deadline has expired
2000	Generic Decline	Generalized refusal (often by BIN)

Part 5. Practical algorithm for failure diagnostics​

Step 1. Record the response time.
If <1 second, there's a problem with the environment or BIN (the card didn't even reach the bank). If >1 second, the card did reach the bank, but the problem is with the card or balance.

Step 2. Check the decline code.

• insufficient_funds → The card is active, but the balance is low. Reduce the amount or check with a micro-check.
• do_not_honor / lost_card / stolen_card → the card is dead. Throw it away.
• Fraudulent / blocked → problem with the environment. Change the proxy, profile, and anti-detection.
• authentication_required → The card requires a 3DS. Useless for non-3DS purposes.
• generic_decline + timing <1 sec → blocking by BIN. Change the BIN.
• generic_decline + timing 2–5 seconds → the card may be valid, but something is wrong with the data (CVV, address). Double-check.

Step 3. Test the card elsewhere.
Do a micro-check ($1) through Wikipedia or Red Cross. If it passes, the card is still valid, and the issue is with the merchant or the environment. If not, the card is dead.

Step 4. Log the results.
Write down the BIN, proxy, decline code, and timing. After 20-30 attempts, you'll see patterns.

Part 6. Errors in code interpretation​

Mistake 1. Relying solely on the code, ignoring timing.
Generic_decline at 0.5 seconds and at 3 seconds are different stories. Always look at the timing.

Mistake 2. Immediately blaming the card seller.
Even if the card failed with do_not_honor, it could be because you used a bad proxy or didn't warm up the profile. Check the environment.

Mistake 3. Not logging the results.
If you don't record which BINs fail with which codes and on which gateways, you won't be able to improve your strategy.

Mistake 4. Ignoring fraudulent.
If you receive a fraudulent, don't try again with the same profile and proxy — it's pointless. Change everything.

Summary​

Decline codes and timing are your primary diagnostic tools. They transform the chaos of refusals into a manageable process. Memorize the basic codes, learn to measure response time, and always check your logs. This will allow you to distinguish dead cards from environment issues and save tens of thousands of dollars.

A quick one-line cheat sheet:
“<1 sec — BIN or environment; 1–3 sec — card dead; 3–7 sec — antifraud. insufficient_funds — alive but empty; do_not_honor — discard; fraudulent — change proxy and profile. Log every refusal, analyze patterns. Timing + code = an X-ray of your problem.”