From vulnerability to resilience: Strengthening B2B payments with advanced authentication

Passwords to remember. Checks to put in the mail. Hard copies of invoices to store.

Commercial banking systems that were built long ago rely on traditional forms of authentication for their platforms, often using enterprise resource planning (ERP) software and internal portals to manage their business needs.

While slow processing and manual efforts are concerns, security has become the primary focus.

Business-to-business (B2B) payment issuers using legacy and manual processes are particularly vulnerable to sophisticated attacks because transactions often involve large financial transfers and complex approval processes that provide numerous entry points for fraudsters.

With AI at their disposal, fraudsters can do everything from creating deepfake voice calls for infiltrating call centers to scam emails for gaining access to business accounts.

In fact, the biggest authentication threat for B2B invoice fraud is Business Email Compromise (BEC), which saw $6.7 billion in global losses in 2024. This form of social engineering involves attackers manipulating employees into making unauthorized payments.

This has prompted businesses to reconsider their payment methods — B2B check use continues to drop year over year. Manual processing and vulnerability to fraud are the top reasons to consider eliminating checks, according to organizations who plan to stop using them.

Driven by rising fraud, compliance and regulations, financial institutions (FIs) are turning to advanced authentication solutions.

“Everyone is on a journey to introduce new innovative authentication solutions to eliminate passwords and make commercial payment systems more secure and reliable,” said Todd King, Vice President of B2B Solutions, TSYS. “The technology helps protect every step of the commercial transactional process, from settlements to invoices.”

Personalized payments security

Less than 100 milliseconds. That’s the response time it can take for a fintech’s APIs to authenticate a transaction and be considered seamless by users.

To achieve such a result, a more layered authentication approach using AI and behavioral biometrics is advised.

AI-powered authentication relies on machine learning biometric user data to combat fraud because it focuses on each point of contact between the institution and the end user. It uses recognition methods such as a fingerprint to confirm identities of employees, suppliers and vendors.

The system can become tailored to a user’s habits over time, making the process more efficient and less intrusive.

Integrating biometric solutions with ERP software and treasury management systems can also expedite the approval process without repeated multi-factor authentication (MFA) prompts, helping improve productivity.

“Operational efficiencies will be a key benefit for adopting authentication solutions — businesses doing things faster,” King said.

The value of advanced authentication

Long-term benefits of advanced authentication tools are often understood — fraud protection, cost savings and efficiency — but short-term disruption and upfront costs may create a barrier to adoption.

This is where a deeper dive into authentication can help.

Issuers could adapt requirements to the specific content of each user interaction. FIs can step up authentication for high-risk situations, and require less authentication for lower risk transactions or interactions. That means less friction for cardholders.

Some other key technological aspects of advanced authentication in the commercial space include:

Behavioral biometrics: AI analyzes unique behavioral patterns such as keystrokes, mouse and swipe movement, device handling and navigation patterns. This provides a continuous layer of authentication running in the background that is hard for fraudsters to mimic.

Machine learning: Models analyze user information with biometric data and fraud patterns that traditional rules-based systems may miss. From anomaly detection of a user’s normal behavior to examining historical data and emerging trends, AI-powered systems can instantly access risk and respond to potential threats.

Spoof detection: AI and machine learning technology help protect against sophisticated attacks such as impersonation. Instead of relying on static checks, modern systems analyze complex behavioral and contextual data to differentiate between a real user and a fraudulent one. For example, it protects against deepfake audio attacks that try to gain access to accounts.

Authentication B2B use cases

Virtual cards: A business issues a virtual card with a spending limit to a sales person for a client dinner. By having pre-set spending and monitoring controls, transactions can be set to a single merchant, spending threshold, time period and expiration date. A request to use a virtual card for an out-of-policy purchase would require a supervisor’s authentication, and AI could flag the attempt for review.

Automated accounts payable (AP) and B2B transactions: A company’s AP department receives a vendor invoice. The system performs identity verification, checking the vendor’s bank account details against an authenticated database. For high-value payments, the system requires MFA from multiple employees before the payment is released. Having authentication built into the workflow of an automated payment process helps ensure transactions are legitimate.

Automated subscription and recurring billing: An IT bank manager makes a recurring monthly charge to their company card for a software subscription. The initial setup requires authentication to verify the customer’s payment details, using 3D Secure for that card. Authentication protects the stored payment details. Changes to the plan or billing cycle require the user to re-authenticate their identity.

Point-of-sale and in-person payments: An employee at a business conference uses their mobile wallet to pay for a snack at a store. The transaction is authenticated with the employee’s face scan. Authentication methods ensure the legitimacy of the cardholder, reducing the risk of lost or stolen card fraud.

Integration with commercial products

Having the right issuer processor can be key in providing and integrating authentication tools for a payment system. That’s because they may already have AI-driven methods to sort out the authenticity of someone at the point of contact.

Additionally, issuers can leverage biometrics and AI to create transparent, adaptive and customer-centric strategies. One result is issuers can more clearly understand the customer journey, optimize performance and anticipate new threats.

One example is TSYS Advanced Authentication, a machine learning and AI-driven solution that supports FIs in implementing a risk-based approach that integrates seamlessly with channel interfaces, automating processes that otherwise would create friction with manual intervention. The solution processes approximately 60 million B2B transactions annually.

Issuers can use phone, device, biometrics and behavioral analytics to help confirm and protect genuine account holders while having a 360-degree view of the cardholder.

The solution can also be integrated into CentreSuite, a commercial card management platform that allows corporate cardholders and program administrators to manage expenses, track purchases and control card usage. Account holders can authenticate ecommerce transactions using their phone.

“CentreSuite leverages the solution’s framework that allows FIs to set rules on authentication for users on the platform,” King said. “Additionally, it allows FIs to leverage other tools like SIM cards on mobile devices. We can then check SIM data to see if it matches the user or has been recently changed.”