With the holiday season upon us, auto dealerships are facing an influx of consumers looking to swoop on end-of-year sales and holiday offers. While previous years saw a steady stream of buyers piling into dealerships and onto car lots to make their purchases and sign contracts and loans, foot traffic has recently slowed as buyers are opting to purchase cars online.
Auto dealers have long resisted the shift to digital purchasing, favoring in-person transactions as much as possible, but COVID-19 forced a change in consumer behavior and normalized online car shopping and digitally transforming the auto industry. As a result, loans and contracts are now being signed digitally using electronic signatures. The process may be streamlined and more efficient, but opening their systems and interaction points up to the digital world leads to increased potential for hackers and scammers to steal the customers’ identity, money or sensitive data.
It can be difficult for auto dealers to ensure these high-value transactions are secure, sometimes even calling for a serious revamp to its entire cyber infrastructure. As dealerships continue to roll out and embrace new digital capabilities, they must recognize the security threats that can accompany them (if not implemented properly).
Understanding the cyber risks
Cars are large purchases, making dealerships a desirable target for hackers, no matter where a transaction might take place. Unfortunately, due to the accelerated call for online car purchasing, auto retailers began tossing up digital services to keep up, without a close eye on their security practices. This quick adoption of digital processes has left many security holes in auto dealers’ financial platforms, increasing cyber risks and the likelihood of exposing critical information to the public.
One common technique we see in these situations is social engineering techniques, in which an attacker tries to convince a user to perform a transaction on their behalf or to send money to a fraudulent account. We’ve also seen more instances of fake identities being used – both on the consumer side and the dealership side – which erode trust for both sides of this relationship in the digital channel.
According to this State Of Cybersecurity In The Dealership 2022 survey, 85% of IT-related employees reported that within the past two years, their dealerships were victims of at least one cybersecurity incident. The report also disclosed that only 37% of auto retailers are confident in their current protection. Most notably, social engineering attacks are common within the auto industry, as cyber criminals utilize the victim to gain access to personal information, whether that’s through phishing attacks or sending SMS messages.
Striking a balance between security and customer experience
Although auto dealers have come a long way, it’s safe to assume that digitally, the auto industry is still in its early stages. Digital agreements and transactions may be used but securing these transactions will continue to be another issue entirely.
The main point of contention organizations have with security processes is the fact that they believe it will hinder their consumers’ experience, but in a recent survey, 73% of consumers report that they’d be more comfortable working with staff at auto dealerships that have completed compliance training and display their certifications. By implementing the right protections and advocating for compliance, organizations gain consumer trust. If there is integrity behind every transaction, consumers will not only have the confidence to work with auto dealers online, but organizations themselves will be able to capitalize on this trust, leading to additional success.
Authentication will prove to be key
To combat the cyber threats of online car purchasing, companies must put the right protection in place to ensure customers are secure throughout the entire digital experience.
Auto retailers can begin by paying close attention to the authentication needed with all digital transactions. More specifically, digital signature is quickly becoming preferred technology for e-signing documents across industries, and car dealerships are catching on. That said, authentication is key, validating that a person is who they say they are – not just at the onset of the online car buying experience, but all through the transaction. To do this, car dealerships and lenders must be integrating user identification, authentication and attribution capabilities into the transaction journey. Consumers must also recognize when they come across online platforms that do not emphasize these capabilities so they do not disclose critical information that could potentially be leaked.
While many of the auto finance lending platforms that are used today by dealerships have the capabilities to provide the additional levels of security to digital transactions needed to ensure consumers that are online car shopping are protected, many dealerships aren’t leveraging them.
These finance platforms really are the glue between bankers, resellers, dealers, manufacturers, and anyone involved in car buying, so it is of the utmost importance their security infrastructure is updated as well.
As auto lenders continue to navigate this ever-changing cyber landscape, revamping their security infrastructure and establishing digital trust will prove successful. Digital agreements and transactions may take place, but integrating digital trust and integrity into every transaction is imperative, especially for high-value transactions like car buying. New buyer behavior will not revert back to pre-pandemic days, so it is important for auto lenders to not only invest in digital processes, but the security solutions that must accompany them.