Skip to content
← For small businesses

Enter your idea

For small businesses: Business features

Categories

(thinking…)

Invoices: Ability to have password protected email invoices

As is frequently reported in the news, cybercrimes are prevalent and increasing. In light of a security incident experienced by one of our own clients - additional security measures to avoid cyber security issues need to be addressed.
Being able to safely send invoices electronically that have some type of protection on them is of utmost importance.

One small step that can easily be made within Xero is to remove the word 'Invoice' from the subject line of the email which basically can lead hackers to where the dollars are.
This can be updated in your email settings- however secondary security is also of importance.
Please consider additional security for protecting invoices.

10 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Jodi Herbein shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Jean Sutherland commented  ·   ·  Report

    I recently spoke to a client who was scammed when an invoice emailed from a new supplier was intercepted and the bank account details changed on the pdf.

    I tested a pdf Xero invoice and it is possible to do this.

    Has any consideration been given to pdfs being able to be secured before sending? Or (and I don't know if this is possible) being able to secure certain fields e.g. the bank account appears in our template footer so can that area be secured?

  • Lewis Rosenberg-Smith commented  ·   ·  Report

    If Xero users are required to authenticate their logins it would make a lot of sense for invoices sent from Xero to require authentication, or another layer of security before they can be viewed. Whether its a code sent via SMS or an app, it would set Xero apart from a security standpoint for customers to know that if an email account of an invoice recipient is compromised there is still one further step stopping them from accessing an invoice template.

  • Tania Brussow commented  ·   ·  Report

    Business critical, especially with fast increasing cyber crimes and protection of privacy laws becoming more strict.