auto dealer in black and red logo
MenuMENU
SearchSEARCH

EFG: Digital Retailing, Online F&I Increasing Data Security Risks for Dealers

The F&I product provider issues a call to action to dealers, finance sources and its partners, warning that data security is one of the largest areas of concern in 2018.

by Staff
February 14, 2018
EFG: Digital Retailing, Online F&I Increasing Data Security Risks for Dealers

John Pappanastos, CEO and President of EFG Companies

3 min to read

DALLAS — F&I product provider EFG Companies said this week that data security is one of the largest areas of concern in 2018 for retail automotive dealers, lenders and their partners.

Citing data from the Identity Theft Resource Center and CyberScout, the company noted that 1,579 data breaches occurred in 2017, a 44.7% increase from the year prior. It’s the reason the company invests approximately a quarter of a million dollars on data security enhancements annually, achieved SSAE-16 certification in 2016, and has an ongoing digital security plan that enables it to implement enhanced safeguards ahead of need, officials said.

While retail automotive has been regulated under the Safeguards Rule of the 1999 Gramm-Leach Bliley Act, digital data was not considered an important area of focus until recent years. This risk, according to the F&I product provider, is driven in part by the rise of digital technology in the automotive market.

From wirelessly connected cars to digital customer relationship management systems (CMS), data access points have increased exponentially. A recent Frost & Sullivan report indicated that IT spending in the connected automotive market is projected to increase 17.3% from 2015 to 2025, the firm noted. However, the industry is just beginning to address how to protect private consumer information in a digital environment.

In the physical realm, it takes less than one minute and three pieces of information for a motivated thief to execute a security breach at a retail automotive dealership, the firm said. In the digital realm, a computer hacker can gain access to payment processing software in seconds, grabbing data and exiting before the dealership is aware of the breach. According to a 2017 study commissioned by IBM, the average cost of a single stolen data record is $141. The average total cost of a security breach was $3.62 million. The average probability of a company suffering a security breach within the next two years is 27.7%. 

“Machine learning and sophisticated hacking software will make data security an even more important component of the retail automotive sector,” said Maurice Hamilton, vice president of technology at EFG Companies. “For example, we believe any company processing credit cards should complete PCI DSS compliance. Within three years, companies should also implement two-factor authentication. Granted, implementing data security technology is an expense. But, as research has shown, companies cannot afford a breach.”

The company noted in its press release that a study of more than 10,000 consumers by Gemalto revealed that 70% of consumers would stop doing business with a company if it suffered a data breach. Additionally, 69% of consumers believe that companies do not take consumer data security seriously. EFG Companies recommends using the acronym ADRIFT to ask the following questions as the first step in achieving data security:

1. Have I conducted a complete security risk assessment, including all access points and partners?

2. Does my written “Information Security Program” document include procedures for each department that handles digital and physical consumer data?

3. Have I reviewed all reasonably foreseeable risks that could result in unauthorized disclosure or compromise of consumer data? Am I protecting customer information from collection to disposal?

4. Have I identified a designated person responsible for customer information security, with authority to implement the program?

5. How do I foresee manageable risks that could result in unauthorized disclosure of private consumer information? For example, am I overseeing partners that might have access to, or take possession of, customer information? Do my agreements with these partners require them to implement appropriate safeguards?

6. Does my company have sufficient training, oversight, and procedures for securing private consumer data?

“From vulnerable photocopier hard drives to digital CRMs, we believe digital data security should be a key business objective for every retail automotive dealer, lender and partner,” said John Pappanastos, CEO and president of EFG Companies. “While important, simply locking a file cabinet or putting a screen protector on a monitor is not sufficient. We are calling on all participants in the retail automotive chain to lock down their data.”

Topics:breachdata securitytechnologydigital retailingonline F&IEFG CompaniesDealer Ops

Originally posted on F&I and Showroom

More Dealer Ops

two cars on a billboard, No Hidden Fees
ComplianceMay 1, 2026

Dealer Ads and the FTC

The agency has made it clear in recent enforcement actions and warnings, in auto retail and other industries, that advertised prices must include all nonoptional costs to the consumer.

Read More →
Closeup of white car's headlight, front end
Dealer Opsby Hannah MitchellApril 17, 2026

Used Autos Supply Dwindles

The March shopping surge, despite high prices, cut into inventory by the most since the thick of the pandemic, Cox Automotive analysts calculated.

Read More →
hands making protective frame over red car, Risk Reality Check, Be Proactive, Auto Dealer Today logo
Dealer OpsApril 1, 2026

Managing Risk Effectively Through Changing Times

The variables influencing risk pricing have changed significantly over the past five years. Being proactive and responsive to emerging trends is not optional but essential.

Read More →
Ad Loading...
Car key, stacks of coins, and a paper car cutout with AutoPayPlus logo, representing auto financing, loan terms, and vehicle affordability trends.
Dealer Opsby StaffMarch 31, 2026

Survey Reveals What Won't Fix What's Breaking Car Sales

AutoPayPlus says extra-long auto loans are trapping consumers and threatening the dealer trade-in cycle, and that the industry is leveraging the wrong tools to combat high MSRPs.

Read More →
Headshots of two male executives
Dealer Opsby StaffMarch 24, 2026

IA American Appoints Two Execs

Senior vice presidents of the company's agent and dealer channels chosen to support general agents and help auto dealers with sales and performance.

Read More →
Dealer Opsby StaffSeptember 8, 2025

Cox Automotive Acquires Inspection Firm

Full ownership of Alliance Inspection Management, or AiM, meant to unlock growth for Manheim inspection capabilities

Read More →
Ad Loading...
Dealer Opsby StaffAugust 26, 2025

Assurant Expands Partnership With Holman

Extended collaboration delivers training, products and performance development to 30 newly acquired Holman dealerships

Read More →
Dealer Opsby Hannah MitchellAugust 26, 2025

Franchises, Throughput Down in First Half

A handful of states see franchise growth through June, while EV sales per store boost overall business in U.S.

Read More →
Dealer OpsAugust 25, 2025

How to Build a High-Performance Sales and F&I Team

Performance and profits start with people chosen and led the right way.

Read More →
Ad Loading...
Dealer Opsby Hannah MitchellAugust 19, 2025

Buy-Sells Up in Q2

Kerrigan metrics show there’s plenty of demand, though many sellers are waiting to pull the trigger.

Read More →
View All