Detecting Synthetic Identity Fraud: A Deep Dive (1)

Key Takeaway 1 Synthetic identity fraud combines real and fabricated information to create entirely new identities for fraudulent purposes.

Key Takeaway 2 Traditional identity verification methods are often ineffective against synthetic identities, requiring advanced fraud detection techniques.

Key Takeaway 3 Early detection and robust verification processes are crucial for mitigating the financial and operational risks associated with synthetic identity fraud.

Key Takeaway 4 Didit’s platform combines multiple layers of verification and fraud signals to identify and prevent synthetic identity creation.

What is Synthetic Identity Fraud?

Synthetic identity fraud is a rapidly escalating form of identity theft where criminals create a new identity using a combination of real and fabricated Personally Identifiable Information (PII). Unlike traditional identity theft, which involves assuming an existing person’s identity, synthetic identity fraud involves building a completely new, fictitious persona. This is often achieved by combining a real name and Social Security number (SSN) – often belonging to a deceased individual – with a fabricated address and date of birth. The resulting “synthetic” identity is then used to open fraudulent accounts, obtain credit, and ultimately, commit financial crimes.

How Does Synthetic Identity Fraud Work?

The process typically unfolds in several phases:

• Identity Creation: Criminals obtain or generate PII, often sourcing SSNs from the dark web or using data breaches.
• Account Opening: The synthetic identity is used to apply for credit cards, loans, and other financial products.
• Credit Washing: Small amounts of credit are initially utilized and repaid to build a positive credit history. This is known as “credit washing” and makes the synthetic identity appear legitimate.
• Maximizing Credit: Once a sufficient credit line is established, the fraudster maxes out the accounts and disappears.

According to the Federal Trade Commission (FTC), synthetic identity fraud accounted for approximately 14% of all identity fraud reports in 2022, representing billions of dollars in losses for lenders. The ease with which synthetic identities can be created and the difficulty in detecting them make this a particularly challenging type of fraud.

Why is Synthetic Identity Fraud So Difficult to Detect?

Traditional fraud detection systems often rely on matching PII against existing databases. Because synthetic identities are new and don’t have a pre-existing footprint, they often slip through these checks. Several factors contribute to the difficulty in detection:

• Lack of Historical Data: A synthetic identity has no prior credit history or associated fraudulent activity.
• Data Silos: Information about the fraudulent components of the identity may be scattered across different databases, making it difficult to connect the dots.
• Sophisticated Techniques: Fraudsters continually refine their techniques to evade detection, including using proxies, VPNs, and constantly changing PII.

Advanced Detection Methods & Technologies

Combating fraud detection requires a layered approach employing advanced technologies:

• Behavioral Analytics: Analyzing application patterns, device information, and browsing behavior to identify anomalies.
• Link Analysis: Identifying connections between seemingly unrelated data points, such as shared addresses or phone numbers.
• Machine Learning (ML): Training ML models to recognize patterns indicative of synthetic identity fraud, such as unusual PII combinations or rapid credit line increases.
• Device Fingerprinting: Identifying and tracking devices used to submit fraudulent applications.
• Knowledge-Based Authentication (KBA): While not foolproof, KBA can add a layer of verification, though fraudsters are increasingly bypassing these checks.
• Social Security Number Trace: Validating the SSN against death records and other databases.

The most effective solutions combine these technologies to create a holistic fraud detection system.

How Didit Helps Prevent Synthetic Identity Fraud

Didit's identity verification platform is specifically designed to combat sophisticated fraud schemes like synthetic identity fraud. We go beyond traditional methods by:

• Multi-Layered Verification: Combining ID document verification, biometric authentication (face match and liveness detection), and AML screening in customizable workflows.
• Advanced Fraud Signals: Analyzing IP address, device data, and behavioral biometrics to identify high-risk applications.
• Data Enrichment: Leveraging external data sources to validate PII and identify inconsistencies.
• Real-Time Risk Scoring: Assigning a risk score to each application based on multiple factors, enabling automated decision-making or manual review.
• Reusable KYC: Allowing legitimate users to securely reuse their verified identity, reducing friction and the opportunity for fraud.

Didit’s platform helps businesses reduce false positives, improve conversion rates, and minimize losses from synthetic fraud.

Ready to Get Started?

Don't let synthetic identity fraud impact your bottom line. Request a demo of Didit's platform today to see how we can help you protect your business. Explore our pricing and start building a more secure future.

FAQ

What are the key differences between traditional identity theft and synthetic identity fraud?

Traditional identity theft involves using an existing person’s identity, while synthetic identity fraud involves creating a completely new, fabricated identity. Synthetic fraud often involves more planning and is harder to detect because there's no pre-existing credit history tied to the fraudulent identity.

How can businesses improve their detection rates for synthetic identity fraud?

Businesses can improve their detection rates by implementing a layered fraud detection system that combines multiple technologies, including behavioral analytics, machine learning, and data enrichment. A key aspect is looking beyond simply matching PII against existing databases.

What role does data privacy play in preventing synthetic identity fraud?

Strong data privacy practices are crucial. Protecting sensitive PII from breaches helps prevent criminals from obtaining the information needed to create synthetic identities. Implementing robust data security measures and complying with privacy regulations like GDPR are paramount.

What is “credit washing” and why is it important to understand?

“Credit washing” is the process of building a positive credit history for a synthetic identity by making small, timely payments on newly opened accounts. Understanding this technique is vital because it’s how fraudsters make their synthetic identities appear legitimate to lenders.