What this audit checks
Authentication & access
- OAuth bearer token refresh succeeds and TTL is healthy
- Client ID points to live (not sandbox) for production integrations
- Required scopes granted: reporting/search/read, disputes, payments/payment, subscriptions
- Webhook ID present and signature validation enabled
Transaction health
- Success rate above 92% baseline
- Decline event-code mix - no single soft-decline reason > 25% of declines
- Retry success rate > 25% (alternate funding source uptake)
- On-hold / pending rate (PayPal status T+P) below 3%
Seller Protection & fraud controls
- Seller Protection eligible coverage rate ≥ 80% on eligible transaction categories
- Partially-eligible share < 15%
- Ineligible-transaction volume not surging > 2σ from baseline
- Unauthorised dispute rate < 0.5%
- Denied-by-risk velocity not surging > 50% vsP (rule tightening or attack)
Disputes & chargebacks
- Dispute rate below 0.9% on a 90-day window
- Avg seller response time < 5 days (PayPal default response window is 10)
- Buyer-Protection win rate at or above 35% industry baseline
- Dispute reason mix surfaced - INR / SNAD / UNAUTHORISED routed to right team
- Lifecycle-stage mix - ARBITRATION share < 5% (late escalation = lost cases)
Settlement & payouts
- Avg settlement time within PayPal’s expected schedule for the merchant’s country
- No payout pending > 5 days
- Payout batch success rate ≥ 99%
- Pending balance not climbing - rolling reserve ratio in expected range
Subscription & recurring health
- Recurring charge failure rate below 12%
- Subscription churn rate < 5%
- Dunning recovery rate ≥ 25%
Cross-channel: revenue protection
- Decline-driven checkout-funnel drop (sibling = shopify/bigcommerce/adobe.checkout_step_completion_rate falling concurrent with paypal.decline_rate spike)
- INR-to-fulfilment correlation (sibling = shipbob/commerce.shipment_delayed_orders converting to MERCHANDISE_OR_SERVICE_NOT_RECEIVED disputes joined by invoice_id/custom_field)
- Recoverable revenue forecast (soft-decline value × sibling.avg_repurchase_rate × alternate-funding success rate)
- Chargeback forecast (open INQUIRY count × historical INQUIRY→CHARGEBACK rate × avg dispute amount)
Severity thresholds
| Signal | Warn | Critical |
|---|---|---|
decline_rate | 6 | 8 |
success_rate | 92 | - |
dispute_rate | 0.9 | 1.0 |
payout_age_days | 3 | 5 |
seller_protection_coverage_rate | 80 | - |
partial_eligibility_share | 15 | 25 |
unauthorised_dispute_rate | 0.3 | 0.5 |
arbitration_stage_share | 3 | 5 |
recurring_failure_rate | 8 | 12 |
on_hold_pending_rate | 2 | 3 |
Data sources
GET https://api-m.paypal.com/v1/identity/oauth2/userinfo- Auto-detect merchant_id, identity, account capabilityGET https://api-m.paypal.com/v1/reporting/transactions- Transaction history (max 31-day window per call), decline reasons, protection_eligibilityGET https://api-m.paypal.com/v1/reporting/balances- Live + pending balance per currencyGET https://api-m.paypal.com/v1/customer/disputes- Dispute list with reason + status + life_cycle_stage + seller_response_due_dateGET https://api-m.paypal.com/v1/customer/disputes/{dispute_id}- Single dispute detail incl. outcome, evidence, historyGET https://api-m.paypal.com/v1/payments/payouts- Mass-payout batchesGET https://api-m.paypal.com/v1/billing/subscriptions- Active / past_due / cancelled subscriptions for churn + failure rate