As thrilling as it is to watch auto dealers migrate their marketing to the web, there are still some places where they need to do their homework.
Here at Carloan.com, we work with highly sensitive consumer information every single day so we take a special interest in keeping a toe in the water in terms of online consumer protection best practices.
Our GM, Tom Feary, wrote a great piece a few months back about steps dealers can take to protect consumer information offline. Recently, we’ve noticed that there are some places online where dealers must improve their security in order to avoid serious vulnerabilities to hackers and potential consumer lawsuits.
Here are a few tips for your website to make sure that you’re doing all you can to safeguard this data, once a consumer has shared it with you:
Make sure that your financial application is encrypted. You’d be surprised how many dealers’ websites have financial applications – including those built by some reputable website providers – that are written in unencrypted HTML and do not include “https://” in the URL for their finance application. That means that the information is wide open. Any savvy consumer will not submit their application if they recognize that it’s not being protected. (And by the way, we can create a secure branded financial app for you; no muss, no fuss.)
Get consumer consent before you pull credit. It’s a bit of a stretch to call this “online security”, but think about it from their perspective. If a consumer is not actively engaged with you and sees a hard credit pull on their report – and many of them will – they will interpret that as a fraudulent action on your part and potentially sue your dealership. As far as they know, their financial information was compromised, and you are responsible. Might sound far-fetched, but we’ve seen it happen.
Most of the dealers we see out there actively engaged in the online world are using these best practices, which is great. But it’s the bad actors that make it tough for the rest of us. It’s up to you to make sure that you’re on the right side of the law and tenaciously guarding this sensitive information.
Take a look at your website and ask yourself, “how are we doing?”