A lesson in attack vectors from the auto insurance sector By Rory Yates , SVP of Global Strategy for EIS
CLOUD & CYBER
A lesson in attack vectors from the auto insurance sector By Rory Yates , SVP of Global Strategy for EIS
When you login to your insurance sites and apps , you β re all too often presented with a basic username or email address and password . No biometrics or second level of security . While the services on offer areβ limited , they do present data vulnerabilities . In stark contrast to banking , this feels like a gap that needs to be closed .
At this stage , most of these environments only provide a very basic level of service , reducing the amount of data in exchange . However , this becomes very different in digitised claims cycles where you can have several third-party repairers calling and asking for personal data validation .
My own experience of this has made me all too aware that sometimes we look at wider cyber threats but forget the fact that our personal data and policy information is now in the hands of several very small and not necessarily data-proficient garages .
When asked , I was led to believe that this data sat in a β secure digital β environment . When I arrived at the garage , I was instead authorising a printed document . In this case , better digital services handled by the provider would remove this risk and provide a far better customer experience akin to those pioneered by esure and others .