Automakers like Ford, Jaguar and Honda plan to enable drivers to pay for services like parking and fuel straight from their cars' dashboards.
While this arguably brings a certain level of convenience to consumers, there are several factors in-house counsel should be mindful of before their companies adopt this technology.
Jaguar and Shell, in one in-car payment partnership, announced in February that drivers can pay for gas from their car using ApplePay or PayPal.
Michael Zweiback, partner with Alston & Bird, says that in-house lawyers need to consider the potential risks of partnering with any company, but particularly, gas stations.
"Gas stations are notorious hot spots for all types of fraud," he says, adding that the technology at gas stations is "somewhat antiquated."
"There's a lot of room for consumers' financial information to be utilized in a criminal manner," he says.
As Zweiback notes, replacing technology at a gas station often requires more than switching out a handheld device. Gas stations are exempt until 2020 from installing chip-readers in their gas pumps, because of the manpower required for the multibillion-dollar renovations, according to reports.
But automakers aren't just partnering with gas stations for in-car payments. Honda and Visa are working together so that customers can pay for smart parking meters.
Ford's in-car payments will look slightly different in its new partnership with Amazon. Using Amazon's cloud-based voice service, "Alexa," Ford drivers will be able to order products online from their car, in addition to other functions such as starting the car or playing an audiobook while driving.
Zweiback warns that, regardless of the platform for in-car payments, automakers will need to be prepared for backlash if the proper security measures are not taken. "It won't take a very creative plaintiff's lawyer to go after a major car manufacturer," he says.
That's where the importance of due diligence in vendor contracts comes in.
Marjorie Loeb, partner with Mayer Brown's Chicago office in the autonomous vehicle division and former general counsel for Fiat Chrysler US, says that general counsel in the auto industry need to be clear with credit card company partners about which company is taking on which responsibilities.
For instance, with General Motors and Mastercard's agreement where customers can make in-car payments with OnStar, hypothetically, the two companies likely decided on a straightforward arrangement where it is clear whether the customer is entering a relationship with the automaker or the credit card company, Loeb says.
"From the consumer standpoint, it's important to know who you blame if something runs afoul," she says. "As GC of these auto companies … I want to make sure I have adopted privacy and cybersecurity [policies] that live up to what the customer needs. If I'm Mastercard, letting GM use that data, I want to make sure my reputation isn't going to be tarnished."
Adding credit card information to a vehicle's systems is just one more data point that automakers' general counsel have to be aware of in terms of data collection and privacy. "The FTC has made clear to the … auto companies: failure to protect private data is something they will seek enforcement over," Loeb says.
Jeffrey Taft, a partner with Mayer Brown in Washington D.C., says that there are some unique considerations for automakers—such as the identification and certification process for in-car payments. He gave examples of drivers giving their cars to a valet attendant or loaning their vehicle to a family member.
Automakers and their partners will "have to figure out ways to shut off [an individual's account] or assign other cards to it," Taft says.
But at the end of the day, Taft says, there is little difference between in-car payments and paying with a mobile wallet on a smartphone. "That's something people are doing right now with their cellphone," he says. "Some believe there's less ability to breach the wallet because it doesn't remit payment information every time."
For in-car payments, Taft doesn't necessarily think that fraud is inevitable, but acknowledges "payment methods are not infallible."
"I'm not sure it would present any greater risk of fraud than anything else, but I would never say anything is beyond the ability to be hacked or compromised," he says.
Reprinted with permission from the April 17, 2017 edition of Corporate Counsel © 2017 ALM Properties, Inc. All rights reserved. Further duplication without permission is prohibited.