Preparing for disaster isn’t just about putting together a kit with everything you need ahead of time (though we highly recommend it), it also means making sure your employees are trained and that you have put processes in place in order to react and recover from a catastrophe.

Train Your People

Just like your people are essential to the success of your everyday business, they’re also essential to the survival of your business following a disaster. Prior to a disaster, you should organize and train your employees to fulfill the following roles:

Emergency Responders

Your emergency responders are those who are trained to react in a chaotic situation. These are the people in your dealership who can make decisions quickly and you can trust in stressful situations. Work with them to establish roles and processes and then rehearse, rehearse, rehearse.

Communications Team

Your communications team is responsible for — you guessed it —communication. These are the individuals who will keep contact information on hand for dealership employees, authorities and more. They’ll be responsible for sharing information with your employees and customers during and after a crisis.

Operations Team

Your operations team is responsible for making sure you have processes in place to protect your dealership, respond during a crisis and work towards recovery. 

Put Processes in Place

When disaster strikes, you want to rely on predetermined processes to navigate you through the chaos. Before an event happens, put processes in place to mitigate damage; talk about securing your equipment, disposing of hazardous materials and storing and backing up your data. Work with your teams to clarify roles and processes in the midst of disaster and rehearse regularly. For recovery, make sure you have a plan to assess property damages and work towards getting the business back up and running.

A disaster can be traumatic, but it doesn’t have to mean the end for your dealership. When it comes to withstanding disaster, the key is to plan, prepare and practice.

During the convention, security researchers with Avast Software set up fake Wi-Fi networks to try and hack unsuspecting attendees. During their experiment, more than 1,200 people connected and 70 percent of those exposed their identities while on the networks. Luckily, defending yourself or your dealership against these similar attacks isn’t difficult; you just have to be aware.

Almost every dealership now offers free Wi-Fi in their Service departments, so ask yourself: is your network set up to protect the identities of your customers?

Protect your customers

Offering free Wi-Fi while your customers are waiting for their car to be serviced goes a long way in making your customers happy However, their happiness won’t last long if the free Wi-Fi leads to a stolen identity. Make sure your network has the proper precautions in place to help protect their information and warn them if they’re going to provide sensitive information on a public network.

Protect your employees

Your employees have access to a lot of sensitive dealership information. When they’re on the go, many may stop by a Starbucks or log in to the free Wi-Fi at the airport. Make sure your employees are aware of the threats posed by fake networks and caution them about what information they should access while connected to a public network.

Protect yourself

While your networks may be protected, are you monitoring to make sure someone else hasn’t set up a “free” hotspot near your dealership that may fool an unsuspecting customer into logging onto an illegitimate network? Make sure your IT manager is monitoring for spoofed networks in order to protect your customers, employees and your dealership.

As hackers get smarter and smarter, it’s important to stay on guard and educate your team about potential threats. How are you protecting your dealership?

In the months leading up to the October 1, 2015 “deadline” for converting to chip-enabled credit cards, consumers generally welcomed and prepared for the change as it promised more secure in-store transactions and less chance of fraudulent card copying. For business owners, however, the daunting task of conversion exuded all the charm of a tax audit. Consequently, this past season’s holiday shoppers headed to stores with their trusty new chip cards—only to find many major retailers still using the old swipe method. Why? Because for businesses, the transition is complicated at best and downright costly at worst. Business owners have to install the terminals that accept the new cards (which cost upwards of a few hundred dollars apiece), integrate the required software, train employees, and be sure that their installation complies with the most recent payment card industry security standards. Thus, while the road to credit card security may be freshly paved with shiny new chips, some retailers, and dealers remain reluctant to travel on it.

Technology overview: How did we get here?

The rest of the world has been navigating this technological route for some time, as EMV cards, named for developers Europay, MasterCard and Visa, have been the status quo in Europe for nearly a decade. Designed to protect issuers, merchants, and consumers, the technology helps reduce the risk of fraud during physical or in-store transactions by providing an additional level of authentication at the point of sale. (The additional protection, therefore, does apply to transactions made online or by phone.) The credit cards are embedded with a microchip that generates a unique, transaction-specific code when the card is inserted, or "dipped" into the terminal. 

As the U.S. works to catch up with its global counterparts, it has yet to embrace one key aspect of EMV technology that is required in most other countries—that is, having the customer enter a PIN code at the point of sale to authorize the transaction. Americans are indeed accustomed to doing this for debit card purchases, as banks have long recognized that it provides another layer of security.

Risks and benefits of EMV technology

Despite the complications of converting, CDK advises auto dealers who have yet to make the switch to act quickly, as the costs of doing so are relatively minuscule compared to the potential liability losses. Merchants and financial institutions stand to benefit from the reduced risks of fraud and chargeback losses, as well as the minimized use of stolen or counterfeit credit and debit cards.

Compliance with Payment Card Industry Data Security Standards (PCI DSS) must still be met to ensure data is stored in a secure environment, but EMV technology makes compliance easier, more effective, and less expensive. Not complying, or inadequate compliance, could result in fines, a damaged reputation, and the loss of one’s competitive position in the market.

The shift in liability

A 2015 survey by Wells Fargo and Gallup found that 49 percent of small-business owners in the U.S. were unaware of the shift in liability that began in October. The fact is, credit card companies (American Express, MasterCard, Visa, et. al.) will no longer accept liability for fraudulent charges. That responsibility now falls on the banks or the businesses themselves—depending on which party is found to be the least compliant. Thus, dealers and merchants should take note of the following, and refer to the links at the end of this article for more information.

Dealer liability remains the same if fraud is committed when:

            1) the consumer presents a chip card and you use a chip reader

            2) the consumer presents a magnetic stripe card (no chip) and you swipe it as before

Dealership liability is greater if fraud is committed when the consumer presents a chip card, and you have a chip reader, but you swipe the magnetic stripe.

Where is this road leading?

At the moment, there are 2.37 billion chip credit and debit cards used in approximately 80 countries across the globe. Of course, EMV technology is not the be-all, end-all solution to credit card security, nor will it prevent future data breaches from happening, but in the regions where the technology is used, criminals are finding it much harder to get their hands on, or to profit from, stolen data. The chip cards will gradually replace magnetic stripe cards completely.

By the end of 2016, roughly 70 percent of credit cards and 40 percent of debit cards in the U.S. will have chips. It was widely reported in 2015 that while the U.S. accounts for only 24 percent of credit card volume worldwide, nearly half of the world’s credit card fraud occurs here—all the more reason to shift into gear and get on the road.   

Learn more:

Understanding PCI:

https://www.dharmamerchantservices.com/blog/simple-guide-understanding-pci-dds/

PCI Compliance Guide - FAQ

https://www.pcicomplianceguide.org/pci-faqs-2/

Understanding the 2015 US Fraud Liability Shifts

http://www.emv-connection.com/understanding-the-2015-u-s-fraud-liability-shifts/

Disclaimer: While this article is intended to help dealers understand the new EMV technology, dealers are reminded that even with the employment of best practices, a credit card fraud situation can still occur. CDK suggests business owners work directly with their bank or card processor to determine how to best proceed with this new technology, as they could be held responsible for a data breach occurring under the usage of outdated technology.