1. Resource Library
  2. Payment Services
  3. Payment Fraud

How To Accept Secure B2B Payments Online (While Limiting Fraud Risks)

Published on 6 min read

In this article, we’ll explain how you can securely accept payments online from your B2B customers, in a way that integrates with and improves your accounting workflows.

Shield with coins floating around it

In 2020, two-thirds of organizations were targets of payment scams, according to a report from the Association for Finance Professionals (AFP).

More payments are moving online and more businesses are transitioning to digital payments for the first time. This means it’s more important than ever that business-to-business (B2B) suppliers have reliable technologies for secure payment processing.

Jump to a section:

Why do online B2B payments need to be secure?

If B2B businesses want to accept payments online, then it’s paramount they do so securely. Fraudsters are constantly looking for vulnerabilities to access companies’ sensitive data through.

The digital payment ecosystem is fragmented. Whether it's B2C or B2B, businesses are engaging with multiple third-party service providers and weaving their solutions into their own internal information technology infrastructure. Understanding the full landscape of that ecosystem is critical for businesses looking to prevent payment fraud
Chris Wassenaar, Chief Risk Officer, Versapay

What kinds of payments can you accept online in B2B?

Some businesses hesitate to accept payments from their customers online out of security concerns. This means they’ll often just stick to what they’re used to: paper checks. Some business buyers express this same fear and prefer to pay via check as a result.

When we asked technology leaders within finance departments why they felt their buyers might be hesitant to move away from checks, one executive in the construction industry stated, “People like the money-in-hand feeling. They feel they have more control over physical checks. They do not trust electronic payments.”

But, the truth is paper checks and other nondigital methods of accepting payment (like phone-initiated payments) are not the most secure. When we compare the most and least secure B2B payment methods, what we find is that the most secure payments are ones that can be made online.

Commonly used methods to pay online in B2B

Some of the most common methods B2B buyers use to pay their suppliers online (and incidentally the most secure) include:

1. Automated Clearing House (ACH)

Online ACH payments move funds electronically, from one bank to another. Because these payments go through a highly regulated ‘clearing house’ that keeps account numbers confidential, they are among the safest B2B transaction types.

2. Virtual cards

Virtual cards are one of the most secure payment methods because they consist of automatically generated numbers that aren’t tied to the customer’s account. Virtual card providers create a randomly-generated card number, expiry date, and security code that buyers can use as they would a regular credit card. They are often set up for a single-use or limited kinds of transactions, making them ideal for procurement.

3. Credit cards

Environments that accept credit card payments must be PCI Compliant. They are one of the safer ways for businesses to accept B2B payments, owing to their built-in security features. These include encryption methods such as "Secure Sockets Layer (SLL) and Transport Layer Security (TLS).

Why PCI Compliance is crucial for B2B sellers

The Payment Card Industry Data Security Standards (PCI DSS) are the benchmark for global payment security. They are determined by the Payment Card Industry Security Standards Council (PCI SSC). The council works with players in the payments industry to develop and drive the adoption of data security standards and resources for safe payments worldwide.

How PCI Compliance makes online payment acceptance safer

PCI Compliance applies to all entities that store, process, and/or transmit cardholder data. The standard covers technical and operational practices for system components included in or connected to environments with cardholder data.

Any supplier that processes card payments needs to meet requirements such as having firewalls in place and encrypting any transmissions that take place on public networks. We provide more details on maintaining PCI Compliance here.

3 ways to prevent fraud when accepting online payments

Many B2B companies are nervous about the ever-growing array of online payment methods that customers and clients can avail of.

Here are three central ways for suppliers to safeguard their companies against fraud, while supporting the convenient digital payment methods customer prefer.

1. Monitor and block fraudulent traffic

Protect against hackers and other bad actors by bolstering your IT defenses with firewalls and suspicious email attachment blockers. Back up core data regularly. Be sure to avoid accepting payments over the phone or fax, as these types of payments are at higher risk.

Instead, use your payment processor’s invoicing, online portal, or gateway functions to securely accept payments.

With digital payments, the critical window to mitigate fraudulent activity is before authorization occurs. Having systems and safeguards in place that protect your public payment environment from spam and abuse are vital to preventing payment fraud.

2. Proactively manage compliance

Verizon's 2020 Data Breach Investigations Report found that 53% of companies that experienced a breach between 2014 and 2019 were confirmed to be non-compliant at the time of incident. None of the PCI-compliant companies surveyed experienced a breach in the same five-year period.

Because PCI Standards are updated regularly, however, maintaining compliance should be a priority year round and not just when certification time rolls around.

3. Work with proven payment services providers

Fraudsters are always coming up with new ways to steal information and engage in financial crime. When seeking out a payment processing partner to accept payments online, consider one that has deep integrations with popular enterprise resource planning (ERP) systems.

Leading integrated payments providers will allow you to accept all payment types across your ecommerce, point of sale, and accounts receivable channels, while giving you the tools to limit fraud opportunities and dishonest chargeback requests.

There are all these different, wonderful avenues for fraudsters to get into a business’ ecosystem. It only takes one organization with that supply chain to not update their security—for their devices or network—and that grants fraudsters access
Chris Wassenaar, Chief Risk Officer, Versapay

Why partner with an integrated payments provider

Integrated payments providers, like Versapay, tokenize and record payment information automatically, without any need for manual handling by your accounts receivable team. Tokenization helps increase payment security further by replacing primary account numbers (PAN) with a set of randomized numbers.

The most secure B2B payment processing systems have dynamic authentication controls. These controls monitor for fraud patterns, using strong encryption methods—such as 3D secure 2 and secure sockets later (SSL)—to protect data during transmission.

When you partner with a payment processing provider that integrates with your ERP, information gets passed through the necessary channels without the need to hand off data to several parties. This helps you minimize risk as you are processing payments in a unified ecosystem that you control.

Versapay offers native integration with Oracle NetSuite, Microsoft Dynamics 365 Business Central NAV and F&SCM, and Sage Intacct. Where we don't already have native integrations, we work with you to develop a solution tailored to your system.


Want to learn more about protecting your business against payment fraud? Read our ebook, Payment Fraud Explained: How B2B Merchants Can Fight Fraud and Maximize Customer Experience.

Always stay up-to-date

Join the 50,000 accounts receivable professionals already getting our insights, best practices, and stories every month