The P3 Blog

Popular Payable Posts

← Back to The P3 Blog

5 Ways To Protect Your Business From Online Account Takeover

Online account takeover is one of the most insidious forms of cyberfraud.  The damage a cyber criminal can do in short amount of time is devastating, and if you’re a business owner, you’re not as protected as you might think.

Online payment solutions are a must in this fast paced world, but don’t sacrifice security for speed and convenience.

Here are five things you can do to protect yourself and your business from online account takeover:

1. Set a dual-approval workflow

Creating a workflow where multiple people must approve a transaction offers tighter control over the payments process as well as greater protection from internal employee fraud.

2. Set daily limits on payment amounts

Setting daily limits on payment amounts greatly reduces your chances of major loss, and if by a chance a hacker or untrustworthy employee tries to exceed the limit, the appropriate alerts should go off.

3. Find a solution that integrates with your accounting system

Many businesses that use an online payments solution (such as Bill Pay) inevitably confront the “dual entry problem”: they must enter details about each payment into their accounting system when an invoice is received, then subsequently enter the same details into the application when issuing the payment. In addition to being a very inefficient way of making payments, dual entry is highly vulnerable to errors and offers poor control over the payment process. Once a business starts making over ten payments, the dual entry process becomes too onerous to endure.

4. Seek two-factor authentication

When you sign in to your bank account or any other financial application, you normally have to sign in once to gain access. Since it’s not very difficult for hackers and cyber criminals to crack a password, traditional authentication is too big of a risk for your business. Two-factor authentication requires that you confirm your identity beyond just logging in. An example of two-factor authentication would be requiring you to enter a security code that has been sent to you via text message or email, and is only valid for a very short time.

5. Use a single machine dedicated to payments

While not entirely feasible for some, dedicating one computer solely to online banking is probably the most effective method for preventing online account takeover. This computer should be for financial purposes only and not used for email, social media, or web browsing of any kind.

To learn more about online account takeover, check out our whitepaper The Business Guide to Online Account Takeover.


We're transforming accounting by automating Accounts Payable and B2B Payments for mid-sized companies. Our award-winning solution has helped over one thousand businesses transform accounts payable from a source of inefficiency and fraud risk to a secure and strategic profit center that provides visibility into key cost drivers.

← Back to The P3 Blog

Subscribe to the P3 Newsletter now!