What is synthetic identity theft?

Synthetic identity fraud is one of the fastest-growing crimes in the United States. After all, the latest statistics show that the net fraud rate is rising both in America and Europe. They also show us that America is now one of the five most fraudulent countries in the world. 

Synthetic identity theft occurs when someone uses a combination of real and fake personal information (or entirely fake information) to create an identity and  commit fraud. 

For example, when committing synthetic identity theft, a fraudster may use a real social security number. They will then combine this with fictitious information, such as false names and addresses that aren’t linked to that account. Synthetic identity theft is also linked to document tampering, which is a different type of fraudulent attack.

Understanding the types of synthetic fraud

Generally speaking, the methods used by fraudsters when creating synthetic identities fall into two categories: manipulated synthetics and manufactured synthetics. Let’s look at each of these in greater detail and outline the methods involved.

Manipulated synthetics

With manipulated synthetics, the fraudulent identities generated are based on real identities. In these instances, limited changes are made to an individual’s social security number or personally identifiable information.

An individual will often use a manipulated identity to hide their history and gain access to credit. For example, someone with a bad credit history may create a fictitious identity in order to be approved for credit. Manipulated identities are not always created with malicious intent, and in this instance the customer may intend to repay the credit they receive.

Manufactured synthetics

Manufactured synthetic identities used to be composed of valid pieces of data that were assembled from multiple identities and then stitched together. For example, one person’s social security number would be matched with a different person’s address and a third person’s name. For this reason, they were also referred to as ‘Frankenstein identities’.

However, although this method is still in operation, today fraudsters instead usually build these identities using invalid information. This includes creating random social security numbers from the same range of numbers the Social Security Administration now uses to issue social security numbers to genuine citizens. 

Following this, the fraudster then adds personally identifiable information that does not belong to any known customer. Criminals switched to using this technique as this form of manufactured synthetics is much more difficult to detect. 

Why synthetic fraud and ID theft is so dangerous

Synthetic fraud is incredibly dangerous and is a major problem facing the financial sector. Unlike third-party fraud, where an entire identity is stolen and used to defraud enterprises and victims, synthetic fraud frequently has no specific consumer victim.

While at first glance this may seem like a good thing, it actually makes this type of fraud more dangerous. This is because, without a specific victim, it becomes very difficult for a business to detect and stop the fraud from taking place.

On top of this, if there’s no victim of fraud, there’s also nobody to alert the organization that fraudulent activity is taking place. Due to this, a fraudster who successfully opens an account with a synthetic identity can keep that account open for months or even years. In doing so, they can make payments and increase the amount of credit available, max out the credit available to them, and then disappear without a trace.

As there’s no genuine customer who is a victim of the fraud, the true victims of synthetic identity theft are the lenders who are left to absorb what can be incredibly high losses.

Detecting synthetic ID theft

Sadly, synthetic identity theft is one of the most difficult types of fraud for businesses to detect and guard against; particularly because fraudsters are beginning to employ advanced and sophisticated methods to make it look like these identities belong to real customers who have limited credit histories.

Adding to this, it’s very difficult for financial institutions to detect that synthetic identity fraud is currently taking place. This is because fraudsters establish a history for the synthetic identity and build a payment history before they use the identity for nefarious purposes. Due to this, it often looks like the account of an individual who is experiencing financial difficulties, rather than an account that is owned by a criminal who is deliberately racking up charges.

That said, businesses can put systems and processes in place to help them detect synthetic identity theft. For example, financial institutions can employ machine learning and artificial intelligence in order to understand customer behavior patterns and spot anomalies. On top of this, organizations can improve the way they establish customer identities by analyzing and connecting a greater variety of data points, including third-party data sources.

The easiest way for businesses to prevent identity fraud is to introduce sophisticated identity verification methods. While a synthetic identity that combines a real social security number with fake data may be able to bypass a credit bureau check, it will not fool an identity verification platform, which will spot the inconsistencies in the data provided. On top of this, establishing such a system will also mean that the fraudster needs to submit a fraudulent identity document, which would also be flagged by the system.

How to protect yourself from synthetic fraud attacks

Although the onus on detecting and preventing identity fraud is largely placed on businesses, customers must also keep their information protected and ensure it cannot be stolen and used by fraudsters. This is crucial in the battle to detect and prevent identity fraud.

Due to this, businesses should encourage their customers to:

• Monitor their credit score regularly
• Lock or freeze their credit reports in order to stop other people from opening an account in their name
• Be careful with the information they share with others and on social media
• Keep an eye on their email and be suspicious about opening unusual links
• Be aware of the latest methods used by fraudsters, including phishing attacks and malware attacks

Of course, unless a customer is complicit in creating or using a synthetic identity, they won’t be responsible for any of the fraudulent activity. However, they should still be guarded with their information and take proactive steps to prevent fraudsters from accessing this information.

Examples of synthetic ID theft techniques to look for

In order to make the synthetic identity appear real, fraudsters will employ a variety of tactics. The more real they can make the identity appear, the higher the level of payout they can expect to receive.

Due to this, a criminal may attempt to:

• Create false identity documents for the fraudulent identity
• Establish a social media presence
• Use drop addresses
• Create fake businesses

In carrying out these techniques, the criminal can build a credit history much more quickly.

If the criminal in question is adept at committing synthetic identity theft, then they will likely employ these techniques simultaneously and at scale.

How does Veriff help?

Our identity verification solution can help you stop fraudsters at the gates. As well as locking bad actors out, it also makes it easy for honest customers to access your services.

It can verify more than 10,000 government-issued documents and allows users to select between 45 languages and dialects. On top of this, although it runs advanced fraud prevention methods such as browser and device analytics, background video checks, and data cross-checking methods, these happen in the background. This means maximizing accuracy without cutting your conversion rates.

When you employ the use of our solution, you can also make sure you only enable the checks you need. Optional features make it possible to scale fraud protection up or down according to your requirements for compliance, speed, and conversions.

Finally, with our solution, you can also view session statuses in real time, manage multiple integrations, and automate the flow of information with webhooks in one place. This means you’ll always have live data at your fingertips.

Speak with the fraud prevention experts at Veriff

If you’d like to learn more about how our identity verification platform can help your business fight against synthetic fraud, then speak to our fraud prevention experts today. We’d love to provide you with a personalized demo that shows exactly how our solutions can help you.