The P3 Blog
Popular Payable Posts
5 Ways To Protect Your Business From Online Account Takeover
Online account takeover is one of the most insidious forms of cyberfraud. The damage a cyber criminal can do in short amount of time is devastating, and if you’re a business owner, you’re not as protected as you might think.
Online payment solutions are a must in this fast paced world, but don’t sacrifice security for speed and convenience.
Here are five things you can do to protect yourself and your business from online account takeover:
1. Set a dual-approval workflow
Creating a workflow where multiple people must approve a transaction offers tighter control over the payments process as well as greater protection from internal employee fraud.
2. Set daily limits on payment amounts
Setting daily limits on payment amounts greatly reduces your chances of major loss, and if by a chance a hacker or untrustworthy employee tries to exceed the limit, the appropriate alerts should go off.
3. Find a solution that integrates with your accounting system
Many businesses that use an online payments solution (such as Bill Pay) inevitably confront the “dual entry problem”: they must enter details about each payment into their accounting system when an invoice is received, then subsequently enter the same details into the application when issuing the payment. In addition to being a very inefficient way of making payments, dual entry is highly vulnerable to errors and offers poor control over the payment process. Once a business starts making over ten payments, the dual entry process becomes too onerous to endure.
4. Seek two-factor authentication
When you sign in to your bank account or any other financial application, you normally have to sign in once to gain access. Since it’s not very difficult for hackers and cyber criminals to crack a password, traditional authentication is too big of a risk for your business. Two-factor authentication requires that you confirm your identity beyond just logging in. An example of two-factor authentication would be requiring you to enter a security code that has been sent to you via text message or email, and is only valid for a very short time.
5. Use a single machine dedicated to payments
While not entirely feasible for some, dedicating one computer solely to online banking is probably the most effective method for preventing online account takeover. This computer should be for financial purposes only and not used for email, social media, or web browsing of any kind.
To learn more about online account takeover, check out our whitepaper The Business Guide to Online Account Takeover.
← Back to The P3 Blog