The Federal Trade Commission (FTC) issued updates to its Safeguards Rule, which require dealers to undertake a new procedural, technical, and contractual steps to protect consumer’s sensitive and other personal data. The amended Rule’s requirements must be completed by June 9, 2023.
What is the Federal Trade Commission (FTC)? The Federal Trade Commission enforces antitrust and consumer protection law. Its mission is to prevent fraudulent, deceptive, and unfair business practices. The amended rule addresses the technological advances since the initial release of the Safeguards Rule in 2003.
In compliance with the amended Safeguards Rule, DealerBuilt is implementing a multi-factor authentication (MFA) procedure when logging into our system. This multi-factor authentication will be a combination of different factors, or methods, of authentication with every single login. Providing multiple credentials to verify a person’s identity during the login process can help prevent unauthorized access.
As of November 15, 2022, the FTC has extended their compliance deadline for certain FTC Safeguards Rule provisions from December 9, 2022, to June 9, 2023. Our deployment will no longer occur on November 16. We are updating our plan and are committed to completing our MFA implementation well-ahead of the updated FTC deadline. We will continue to keep our dealers informed as we finalize our roll out plan.
We have provided resources to help with your MFA journey, including a step-by-step User Guide and FAQs for your convenience.
MFA stands for multi-factor authentication, which is a combination of different factors, or methods, of authentication for a single login. There are three main categories of factors:
MFA is a standard method to minimize the risk of exposure of sensitive information accessed through the user login process. The combination of multiple factors used to gain authentication to a system increases the security of the login process.
MFA is being mandated through the amended FTC Safeguards Rule which goes into effect December 9, 2022. DealerBuilt is committed to complying with this mandated date.
The Safeguards Rule ensures that entities covered by the rule maintain safeguards to protect the security of customer information. The FTC made changes to the Safeguard Rule in 2021 to ensure it is at pace with current technology. The Safeguards Rule gives businesses concrete guidelines to follow to keep their customer information safe from cyber security incidents.
DealerBuilt’s MFA solution for users was available November 1. DealerBuilt is requiring the enrollment for all users effective November 16, 2022, to ensure we are compliant in plenty of time ahead of the FTC mandated deadline of December 9, 2022. Please reach out to your account manager to discuss the implementation further.
After evaluating several solutions, DealerBuilt chose Rublon as our MFA provider. Rublon aligns well with our architecture and allows DealerBuilt to meet the needs of our user base. They have consistently showed the flexibility and willingness to build the solutions we need to protect our data.
The management of users will be automatic using synchronization processes between the user director and Rublon console.
Currently, Rublon Authenticator is the only app compatible with the DealerBuilt system.
Current and supported versions of Apple iOS and Android OS can install Rublon Authenticator and enable factors/authenticators.
Not at this time.
DealerBuilt’s Customer Support team is available to assist with MFA.