Subscription dunning: how to recover 40% of failed payments without chasing

Subscription operators lose 5–9% of MRR every month to involuntary churn — failed payments where the customer didn't actually cancel. The card expired. The bank fraud-blocked the renewal. The decline was a soft "insufficient funds" that would clear two days later. Those customers want to keep the subscription; the system just charged them at the wrong moment.

Dunning is the process of recovering those payments. Done well, it recovers 35–45% of failed charges without ever asking the customer to do anything. Done poorly (which is most operators), it recovers 8–15% and trains customers to ignore your emails. This is the playbook for the well-done version.

Step 1: classify the decline

Stripe and most processors return a decline reason on every failed charge. The reason determines the retry strategy. Treating all declines identically is the #1 mistake.

Soft declines (recover with retry)

• insufficient_funds: 80%+ recover within 5 days.
• processing_error: usually a transient gateway issue, retry within minutes.
• do_not_honor: often soft despite the harsh name; retry with EMV-3DS attached.
• try_again_later: issuer fraud delay; retry in 12–48 hours.
• card_velocity_exceeded: issuer rate-limited the card; retry in 24+ hours.

Hard declines (require customer action)

• card_declined / generic_decline: issuer-permanent; need new card.
• expired_card: need new card OR Account Updater.
• incorrect_cvc: rare on subscriptions (CVC isn't stored); usually account compromise.
• lost_card / stolen_card: permanent; new card required.
• fraudulent: issuer flagged; requires customer to call bank.

Dunning logic: retry soft declines on schedule; route hard declines to email + dashboard prompt immediately. Most operators retry both groups identically and waste retry attempts on permanent declines.

Step 2: smart retry timing

The default retry pattern in most subscription tools is daily for 7 days. This is wrong. Issuer-side fraud algorithms learn from repeated declines and start blocking the card. Real recovery rate by retry timing (rough industry data):

• Hour +1: 6% of soft declines clear (gateway transient).
• Day +1: 18%.
• Day +3: 14%.
• Day +5: 9%.
• Day +7: 4%.
• Day +14: 3%.

Optimal retry pattern: hour +1, day +1, day +3, day +5, day +7. Five attempts spaced for the curve. Then stop. Daily retries past day 7 hit single digits and burn issuer trust.

Even better: payday-aware retry. For consumer subscriptions, retry on the 1st, 15th, and 30th of the month — when checking accounts get refilled. Tools like Stripe Smart Retries do this automatically. Recovery uplift typically 4–7 percentage points over fixed-interval retries.

Step 3: account updater

Both Visa and Mastercard run programs (Visa Account Updater / VAU; Mastercard Automatic Billing Updater / ABU) that push card updates to merchants when issuers reissue cards. New expiry dates, new card numbers (for replacements), closed-account flags. Account Updater is enabled at the merchant level by your processor.

What it covers:

• Card replaced for expiration: new card number + expiry pushed to vault.
• Card replaced for fraud: new card number pushed (some banks).
• Card closed: flag pushed; you stop charging.

What it doesn't cover:

• Customer changed banks.
• Customer cancelled card without replacement.
• Cards from issuers not enrolled in VAU/ABU (about 10% of U.S. issuers).

Account Updater alone recovers about 30–40% of "expired card" failures with zero customer effort. Most subscription operators are not enrolled. Cost is typically $0.25–$0.50 per updated record. Worth it on any subscription business.

Step 4: network tokenization

Network tokenization stores a token from the card network (Visa Token Service / Mastercard MDES) instead of the raw card number. The token survives card replacements automatically — when a new card is issued, the network maps the token to the new card transparently. No expired_card declines.

Stripe supports network tokenization automatically on most issuers. Pay.com, Adyen, and Checkout.com all support it. Authorize.net via certain processors. Net effect: subscription auth rates climb 1.5–3 percentage points because expired-card declines are largely eliminated.

Network tokenization + Account Updater together cover ~85% of expiry-related failures. Combined with smart retry timing, total dunning recovery hits 35–45%.

Step 5: the customer email cadence

For declines that retry doesn't recover, the customer needs to know. The cadence matters more than the copy.

Email 1: Day 0 (charge fails)

Subject: "Quick fix needed for your [Brand] subscription." Friendly, no urgency. CTA: one-click update card link. ~25% of customers update on this email alone.

Email 2: Day +3

Subject: "Did you mean to cancel [Brand]?" Reframe as "we noticed your card didn't work — confirm if you want to keep your subscription." Soft check-in. ~12% recover here.

Email 3: Day +7

Subject: "Last reminder before pausing your [Brand] subscription." Now you can introduce mild urgency. Mention what they'll lose access to. ~8% recover here.

Email 4: Day +14 (final)

Subject: "Your [Brand] subscription is paused — reactivate anytime." Don't cancel; pause. Pausing keeps the customer in the system; cancelling forces a new signup flow. ~3% reactivate within 30 days; another 5% reactivate within 90 days.

Total email recovery: 40–50% of customers who got an email reactivate. Combined with retry + account updater + tokenization, total involuntary-churn recovery hits 60–75% on a well-tuned subscription operation.

The 3 dashboards every subscription operator needs

1. Decline reason breakdown by month

Top 5 decline reasons + percentage of declines + recovery rate per reason. If "insufficient_funds" is your #1, you have a payday-timing problem. If "fraudulent" is rising, you have an account-compromise problem. If "expired_card" dominates, your account updater isn't enabled.

2. Recovery rate by retry attempt

Conversion rate for retry 1, 2, 3, 4, 5. Helps you stop paying for retries that aren't recovering anything. Most operators discover their 6th and 7th retries recover <2% — drop them and stop training issuers to block.

3. Cohort dunning recovery vs voluntary cancellation

For each monthly signup cohort, how many customers churn voluntarily (cancelled) vs involuntarily (failed payment + no recovery). Voluntary churn = product/pricing problem. Involuntary churn = dunning problem. Operators conflate the two and try to fix the wrong one.

What multiflow does on the subscription dunning side

For multi-brand operators, dunning logic typically lives in three places: the subscription billing tool (Stripe Billing, Recharge, Bold), the email tool (Klaviyo, Customer.io), and the gateway (which actually retries). Coordinating across three tools per brand × 10 brands is where dunning falls apart.

multiflow consolidates the gateway-side retry + account updater + network tokenization across every brand in the portfolio. Dunning emails still live in your ESP, but the retry orchestration is unified. See multi-brand reconciliation for how the consolidated payout side works, or pricing for the structure.

The bottom line

Failed subscription payments are recoverable. Most of them. The four levers — smart retry, account updater, network tokenization, and a real email cadence — are not exotic and not expensive. The reason most operators are at 8–15% recovery instead of 40% is that the levers are scattered across tools and nobody owns the whole flow.

Pick one quarter to fix it. The MRR recovery typically pays for the full overhaul in the first 60 days.