Synthetic Identity Fraud: Hiding in Plain Sight

Jul 20, 2022

Fraud detection and mitigation is big business for banks and other financial institutions (FIs). Organizations spend billions annually fighting fraud, and fraudsters claim billions more through carefully orchestrated and executed schemes. One of the most insidious types of fraud is also one of the fastest growing – synthetic identity fraud (SIF).

Synthetic identity fraud is “a type of fraud in which a criminal combines real and fake information to create a new identity…[which] is used to open fraudulent accounts and make fraudulent purchases.1

Components of a synthetic identity – like SSN, birthdates, addresses and other personally identifiable information (PII) – are cobbled together from information obtained by data breaches or hacking.

Big Impacts for Banks

Between 2016 and 2020, SIF losses grew from $6B to $20B2. Synthetic identity fraud makes up 85% of all fraud3 and, according to SentiLink Boston, is estimated to represent 5-10% of charge-offs.4

233% Increase in Fraud Attack Rates

Feedzai Q2 2022 Financial Crime Report5

A 2022 report by Javelin Strategy noted that the overall identity fraud impact in 2021 (combining traditional identity fraud and identity fraud scam statistics) affected 42 million US consumers and resulted in a total loss of $52 billion.6 The Aite-Novarica Group estimates that synthetic identity fraud for unsecured US credit products will grow from $1.8B in 2021 to $2.4B in 2023.7

This kind of fraud is expensive and rampant. What can banks and other FIs do to keep synthetics from sneaking into their portfolios?


Sinister and Stealthy

One of the primary challenges of detecting a synthetic identity is that it often appears to be a new-to-credit consumer. When the fraudster unleashes the ID and initially applies for a loan or credit card, the application will most likely be rejected because the bureaus do not have any information on file.

But that simple act of applying – and being rejected – creates a new bureau file, which allows the fraudster to continue using the information for subsequent credit applications. Once tradelines are associated with the synthetic ID, the fraudster can continue to build and utilize credit until the inevitable bust-out, leaving the issuer with uncollectable debt.

One compounding issue with synthetic ID fraud is that criminals usually play a long game. They will build credit using the synthetic identity “over a period of six months to five years”8 and often use the same fraudulent ID to open multiple lines of credit. At the end of the scam, they will max out all of their available lines and disappear.

Banks globally have listed cyber fraud and data breaches as their number one concern.9

According to a 2019 KPMG survey, less than 25% of fraud losses are ever recovered. The low recovery rate and high cost of pursuing fraudsters often make write-offs the most economically viable option. However, these charge-offs are often miscategorized as a credit loss instead of an operating loss, driving higher loan loss reserve requirements.10

Neutralizing Fraud:

Keep Bad Actors at Bay

Stopping Synthetic Identity Fraud

All this begs the question: How can banks and FIs stop synthetic ID fraud? The reality is that only a multi-pronged approach can help stem the tide, without adversely impacting the customer experience.

Zoot partners like SentiLink and Boston Consulting Group can help during the application phase – scoring applicants on the likelihood that they are synthetic and providing SSN verification as a new electronic Consent Based Social Security Number Verification (eCBSV) provider; can help identify applications that need to be stopped early.

Other partners can identify “digital body language” in the application process to help identify signs of false identity.

Other potential avenues to identify synthetics in the application process can include biometric screening and document verification. By combining multiple scores and insights, banks and FIs can get more clarity about whether an applicant may be using a synthetic identity.

Putting all those pieces in place during the application process can be challenging, but it doesn’t have to be. With the right origination partner, FIs can easily tap into any number of data and service providers and layer their offerings exactly where they want in the application process.

Zoot gives FIs the control they need to access the data they want, and the flexibility to put that data where they need it. With Zoot, FIs can “take [the] necessary measures to protect themselves to protect themselves from synthetic identity fraud using all the tools at their disposal.”11

Ready to incorporate a Zoot Solution into your stack?