BILL System Security

BILL is designed with your privacy and security in mind, providing six categories of protection to help guard your money and sensitive information.

Application Protections

BILL helps protect against unauthorized access to your account by:

  • Enforcing a strong password policy
  • Applying 2-Factor Authentication
  • Sending login data over a secure channel
  • Automatically logging out customers after a period of inactivity
  • Educating our customers on the risks of business email compromise schemes

Payment Protections

BILL reduces the risks associated with check theft by paying vendors with digital payments or with checks that BILL sends on your behalf. BILL account information appears in place of your own, shielding your account information from exposure. This also eliminates the risks associated with keeping blank check stock on your premises and exposing your bank information on checks you send.

BILL applies Positive Pay to reduce the risk of check fraud; the bank matches the check issued with the check presented for payment to ensure the amount, payee and check numbers match.

Keep your bank account information private from vendors by making digital payments through the BILL account.

Network Protections

BILL uses security software, intrusion detection and prevention appliances, and network monitoring technology to prevent unauthorized electronic access to our servers.

Data Protections

BILL encrypts sensitive customer information in our database and applies protections against malicious applications.

BILL uses Transport Layer Security (TLS) and encryption to protect customer data during transit over the internet.

BILL replicates production data from the primary site to the co-location facility for disaster recovery scenarios.

Physical Protections

BILL servers and network infrastructure are hosted at secure data center facilities managed by world-class certified data center providers.

All BILL employees undergo background checks and data security and privacy training.

BILL has a formal vendor management program to manage third-party risks.

Compliance Protections

BILL undergoes an annual SOC 1 and SOC 2 Type II Audit by a leading national CPA Firm.

BILL partners with a PCI certified vendor for virtual credit card payments.

BILL operates an Anti-Money Laundering (AML)/Office of Foreign Assets Control (OFAC) Program, designed to prevent the BILL Service from being used for purposes of money laundering, terrorist financing, violating or subverting OFAC sanctions, or for other illegal purposes.

Security Center

Select Security Center at the bottom of your overview page to visit our Security Center. You can report suspected fraud or phishing emails on this page.