Safeguarding Your Data

Multi-Factor Authentication

The Federal Trade Commission (FTC) issued updates to its Safeguards Rule, which require dealers to undertake a new procedural, technical, and contractual steps to protect consumer’s sensitive and other personal data.  The amended Rule’s requirements must be completed by June 9, 2023.

What is the Federal Trade Commission (FTC)?  The Federal Trade Commission enforces antitrust and consumer protection law.  Its mission is to prevent fraudulent, deceptive, and unfair business practices.  The amended rule addresses the technological advances since the initial release of the Safeguards Rule in 2003.

In compliance with the amended Safeguards Rule, DealerBuilt is implementing a multi-factor authentication (MFA) procedure when logging into our system.  This multi-factor authentication will be a combination of different factors, or methods, of authentication with every single login.  Providing multiple credentials to verify a person’s identity during the login process can help prevent unauthorized access.

As of November 15, 2022, the FTC has extended their compliance deadline for certain FTC Safeguards Rule provisions from December 9, 2022, to June 9, 2023.  Our deployment will no longer occur on November 16.  We are updating our plan and are committed to completing our MFA implementation well-ahead of the updated FTC deadline.  We will continue to keep our dealers informed as we finalize our roll out plan.

We have provided resources to help with your MFA journey, including a step-by-step User Guide and FAQs for your convenience.

Frequently Asked Questions

What is MFA?

MFA stands for multi-factor authentication, which is a combination of different factors, or methods, of authentication for a single login.  There are three main categories of factors:

  • Something you know, such as a password or PIN
  • Something you have, such as an authenticator app, SMS enabled phone, or an email address
  • Something you are, such as a fingerprint, reginal pattern, or face or voice recognition

Why is DealerBuilt implementing MFA?

MFA is a standard method to minimize the risk of exposure of sensitive information accessed through the user login process.  The combination of multiple factors used to gain authentication to a system increases the security of the login process.

Why is MFA being implement now?

MFA is being mandated through the amended FTC Safeguards Rule which goes into effect December 9, 2022.  DealerBuilt is committed to complying with this mandated date.

What is the Safeguards Rule?

The Safeguards Rule ensures that entities covered by the rule maintain safeguards to protect the security of customer information.  The FTC made changes to the Safeguard Rule in 2021 to ensure it is at pace with current technology.  The Safeguards Rule gives businesses concrete guidelines to follow to keep their customer information safe from cyber security incidents.

When can I get my dealership active on the MFA solution?

DealerBuilt’s MFA solution for users was available November 1.  DealerBuilt is requiring the enrollment for all users effective November 16, 2022, to ensure we are compliant in plenty of time ahead of the FTC mandated deadline of December 9, 2022.  Please reach out to your account manager to discuss the implementation further.

What provider will DealerBuilt be using to manage MFA?

After evaluating several solutions, DealerBuilt chose Rublon as our MFA provider.  Rublon aligns well with our architecture and allows DealerBuilt to meet the needs of our user base.  They have consistently showed the flexibility and willingness to build the solutions we need to protect our data.

If I add a new user, do I need to do anything to ensure they are activated on MFA?

The management of users will be automatic using synchronization processes between the user director and Rublon console.

Will other authenticator apps be available, or is Rublon Authenticator the only one?

Currently, Rublon Authenticator is the only app compatible with the DealerBuilt system.

What mobile OS are supported by Rublon Authenticator?

Current and supported versions of Apple iOS and Android OS can install Rublon Authenticator and enable factors/authenticators.

Will Rublon work with other authenticator apps like Google Authenticator?

Not at this time.

How do I get support for MFA?

DealerBuilt’s Customer Support team is available to assist with MFA.