Which three types of Stripe API objects does Stripe Radar evaluate for risk?

The statement that Stripe Radar evaluates PaymentIntents, Charges, and SetupIntents for risk is correct.

PaymentIntents are a central object in the Stripe API, managing the lifecycle of a payment through multiple steps, including confirmation and authentication. This makes them critical for assessing potential risk as they are directly related to the execution of a charge. Charges themselves are fundamental to the payment processing flow, so they are also evaluated for risk, as they represent a direct transaction between a customer and a business. Lastly, SetupIntents are used to save payment information for future payments, thus having implications for risk since they involve sensitive customer payment data even before a charge occurs. By evaluating these three objects, Stripe Radar can gain a comprehensive view of the transaction's risk profile.

The other options do not encompass the primary objects that Stripe Radar focuses on. For instance, while refunds can be associated with risk, they are not evaluated to the same extent in terms of risk measurement as the main transaction processes like PaymentIntents and Charges. Incorporating aspects such as SetupIntents reflects the broader approach taken by Stripe to ensure both immediate and future payment methods are secure.