Email security
Tipalti uses enhanced authentication and token validation to ensure secure transmission of approver emails.
Token validation
Approval request emails contain a unique token that is validated as part of the approval action transmission back to Tipalti. The approval token expires after a predefined period (default = 60 days). If the approver attempts to execute an action on an expired email, a notification advises the approver to contact AP for a new approval email.
Enhanced authentication
The authentication process ensures that someone other than the approver cannot approve the bill.
- The approver receives the approval email and selects "Approve bill" or "Update coding".
- A new browser tab displays further details. When the approver clicks the action button, they receive an email with a verification code, and at the same time, an authentication dialog displays in the tab.
Email with verification code:
Authentication dialog:
- In the authentication dialog, the approver enters the code and clicks "Verify & Approve Bill" for the action to execute (the action will not execute without the code).
The verification code is valid for one year (unless the approver deletes browser cookies, or uses a different browser or device).