How Businesses Can Fight The Growing Threat Of Synthetic Identity Fraud

How Businesses Can Fight The Growing Threat Of Synthetic Identity Fraud

Glenn Larson is the Chief Technology Officer of Document & Biometrics at GBG (Acuant & IDology) and a member of the Forbes Technology Council, an invitation-only community for world-class CIOs, CTOs and technology executives. Read his article for the Forbes Technology Council below, or find the original here.

One of the most pervasive and fastest-growing types of identity fraud is known as synthetic identity fraud. So much so that it is now the largest form of identity fraud in the nation. In 2020 alone, losses due to synthetic identity fraud topped $20 billion, and there are no signs of it slowing down. And individual consumers are far from the only victims of fraud; companies of all types can lose vast sums to synthetic identity fraud.

What is Synthetic Identity Fraud?

Unlike mere identity fraud, synthetic identity fraud creates a new identity by using multiple data points. This type of fraud is when fraudsters manufacture information to represent a “real” identity while simultaneously subverting mechanisms deployed to validate identities. There are multiple ways to create these “Frankenstein” identities, such as using valid social security numbers (e.g., SSNs assigned to children) along with fake PII data. Scammers like these types of fake identities because they are more difficult to spot and track down.

Synthetic identity fraud is one of the most sophisticated types of fraud corporate security teams must contend with today and is top of mind for risk and fraud executives. Of all the fraud perpetrated across industries, a report by our parent company found that of the businesses surveyed, 23% saw synthetic identity fraud as the most prevalent fraud scheme in their industry.

It’s important to note that synthetic identities are not only a fraud issue but also a compliance one, particularly for banks and financial institutions. With the increased regulatory focus on Know Your Customer (KYC) checks, an approved fabricated identity means there’s a serious issue in a company’s KYC process that is allowing fraudsters to appear as “trustworthy.”

What’s Fueling Growth?

There is no shortage of sources that continue to be a significant threat to individuals’ PII. Whether it’s through cyberattacks, data breaches, sophisticated fraud schemes or compromised credit history sources, criminals have a treasure trove for illicitly accessing this information. More so, these identity sources have fueled synthetic identity fraud—with people’s personally identifiable information exposed and readily available on the dark web, fraudsters have the key ingredients to create realistic synthetic identities.

Patience is a virtue in the world of synthetic identity fraud because fraudsters play the long game, typically lying dormant for several years. Attackers may keep accounts open and active for as many as five years, making seemingly routine transactions and payments to avoid detection. Finally, though, the fraudster will “bust out” or draw down all the available credit, and there is no real person to collect losses from.

The Benefits Of Orchestration

Models designed to detect other types of fraud using sophisticated machine learning techniques are surprisingly ineffective when it comes to synthetic identity fraud due to a lack of reliable data available to train models to detect synthetic identities, with many looking just like real identities. As such, industry analysts and fraud experts agree that the detection and remediation of synthetic identity fraud requires a layered approach.

This means using orchestration to combine a range of data sources and signals, including the verification of documents and biometrics, to help detect synthetic identities. Orchestration, which involves testing the veracity of a person’s identity against multiple sources, can both verify identity and reduce risk. Effectively putting this information to use requires a comprehensive orchestration layer, but unfortunately, most of the orchestration solutions in the market today act as a gateway to services, without the clear capability for data modeling, and without comprehensive business logic.

The Bottom Line

Fraudsters see the billions of dollars they can bilk through identity fraud, and they’re highly motivated to ply their trade. They’re also highly skilled and well-capitalized. But business leaders, as well as fraud and compliance executives, are by no means defenseless. A modern, robust orchestration layer in an identity module can be an effective tool in the fight against synthetic identity fraud. By deploying a multi-pronged, holistic approach to identity proofing, businesses can protect their brand reputation and their customers’ bank accounts without compromising on the effectiveness of the proofing process or on customer experience.

 

Questions?

Let's Talk Support