Guide to Synthetic Identity Fraud & Theft: Prevention & Solutions

Guide to Synthetic Identity Fraud & Theft: Prevention & Solutions

Author avatar

April 1, 2021 by Bence Jendruszak

Your business probably already has a KYC Procedure designed to confirm user identities. The problem? How does it work if the IDs are from real people, but with bad intentions?

This is precisely what makes fighting synthetic identity fraud so hard. You can’t just look at the documents. You also have to guess the intent. 

Luckily, this isn’t as hard as it sounds with the right risk management tools – even when there were 14 Million reported stolen IDs in 2019 alone.  Let’s break it down below.

What is Synthetic Identity Fraud?

Synthetic ID fraud includes any kind of criminal action that uses a combination of fake IDs and real user data. It includes onboarding, bypassing KYC checks, or creating a fake address to process a fraudulent transaction.

What is a Synthetic ID?

A synthetic ID is stitched together based on real and fake information. It can also be made of multiple people’s personally identifiable information (PII). For instance, using a real social security number from one person, and combining it with another’s credit card details. 

Types of Synthetic ID

Synthetic IDs can either be:

  • Manipulated: combining real user documents and fake, made-up data/
  • Blended: using real information from multiple sources.
  • Manufactured: for instance, a social security number that is randomised to fall within the right range.

Key Characteristics of a Synthetic ID

A synthetic ID is always stitched from various data sources. However, it can be used to: bypass KYC checks, build stronger credit scores, or simply go undetected by a fraud management system.

The Cost of Synthetic Identity Theft and Fraud

Based on the 2021 Future of Fraud Forecast, Experian reports that synthetic ID fraud or synthetic identity theft is the fastest-growing type of financial crime. Based on Experian’s own definition, it accounts for 80% of credit card fraud losses, and nearly 20% of chargebacks.

Synthetic Identity Fraud vs. Traditional Identity Fraud

Traditional identity fraud is perpetrated in real-time. Sending phishing emails from an account takeover, for instance, constitutes an example of direct identity fraud. Synthetic identity fraud, however, tends to be cultivated over time by more sophisticated criminals.

Their goal is to fly under the radar for as long as possible, as they want to create a new account and use it in the long term. This is important because it highlights a key challenge of fighting this kind of fraud.

The criminals who rely on these techniques are patient, calculated and sophisticated. They also tend to be organised, which we can use against them to our advantage. 

An Example of Synthetic Identity Fraud

Let’s look at a typical example, where a fraudster applies online for a credit card. 

First, the fraudsters will obtain IDs from stolen marketplaces. They create a fake profile with said documentation, and diligently pay their bills for years. After a while, they can ask for the limits to be raised.

When the limits are sufficiently raised, they will max out their credit card limit, do a “bust out” and simply disappear. By the time the banks attempt to get their money back, they realise the person doesn’t exist.

  1. Fraudster acquires personal information + forged IDs
  2. They use parts of it to apply for a credit card
  3. They borrow money and repay diligently for years
  4. When the limit is raised, they max the card and disappear
  5. The bank tries to collect their money… and there’s nobody there.

What Kind of Stolen Information is Used in Synthetic ID Fraud?

Identity theft and fraud go hand-in-hand. Criminals will stop at nothing to acquire records that help them create fake profiles. This includes stealing:

  • Tax-related information: in the US especially, tax information from the IRS can be used to recover extra personal data.
  • Medical identity theft: medical information is also often used to apply for prescription drugs or to file insurance claims under someone else’s name.
  • Child identity theft: proof that fraudsters will stoop as low as they can, children records are often used to apply for credit cards or online loans. This works because their credit scores are either neutral or nonexistent, and it will take many years before anyone realises the information was compromised.

What is Causing the Rise in Synthetic Identity Fraud?

Synthetic ID fraud is on the rise, because fraudsters have access to a growing number of options to access

Data Breaches Mean IDs Are Easier to Source

Sourcing ID documents is child’s play for fraudsters. They can hop on the dark web and purchase huge lists from leaked databases, at surprisingly competitive rates.

While a data breach can be useful for ID verification, the information is more likely to cause a vicious cycle of account takeovers, fake account openings, and a rise in the number of synthetic IDs.

An Increase in People Willing to Sell IDs

Adding to the challenge of widely available stolen documents, many people willingly sell their IDs in exchange for a fee. 

This is especially true in the aftermath of the global COVID-19 pandemic. The general population worldwide has taken a financial hit, and fraudsters were quick to exploit the situation. 

They offer to buy personal details or to borrow people’s bank accounts to hide their synthetic identity fraud activities. Here are a few options:

  • Money mules: a money mule is a person who transfers stolen money on behalf of others. It’s also referred to as a “smurfer”, or “squaring”. Under 25s are particularly at risk, and money mules may find themselves complicit in money laundering schemes.
  • Bank drop: the account that money mules will use to receive and transfer illicit funds.
  • Rent-an-ID: in the underground economy, we’ve seen a proliferation of services that blatantly ask people to rent out their documents, in exchange for payment.
  • Clearnet fake document services: can’t provide the right documentation? No problem – a growing number of clear net services offer photoshopping IDs for fraudsters, helping them bypass KYC checks using selfie IDs.

The takeaway: there’s no shortage of resources available to stitch together the perfect ID, tailored to defraud your online services.

The Prevalence of Fake ID Services

What if fraudsters run into heavier KYC checks in the form of document uploads? Barely an inconvenience: they can simply purchase a document-forging service, which are plentiful, affordable, and surprisingly effective.

How to Prevent Synthetic Identity Fraud?

Traditionally, an effective way to identify a fake or stolen ID in the context of synthetic identity fraud was to rely on OSINT techniques. OSINT, or open-source intelligence, is a collection of processes that looks at publicly available data and cross-references against the suspicious profile.

The problem? It’s time-consuming and resource-heavy. If you use pro databases from Experian, Pipl or white pages, it can also be a costly method. 

Last but not least, this type of risk management requires eagle-eyed specialists, with proper training and education. 

So how do you identify those adept at evading synthetic fraud detection, and at scale? With the right technology.

How to Detect Synthetic Identity Fraud?

Let’s be clear: there’s no magic bullet when it comes to synthetic identity fraud detection. You’ll need a multi-layered approach, ideally combining all the technologies mentioned below. But let’s break them down one by one:

#1 Device Fingerprinting

If fraudsters are successful, they tend to target the same companies multiple times. The challenge for them isn’t to create hundreds or thousands of synthetic IDs. It’s to make it look like they are all connecting to your site as unique users.

This is why a device fingerprinting module is so effective. You can instantly flag user connections that point to:

  • Proxy usage
  • Tor connections
  • VPN use
  • Strange browser setups
  • Suspicious hardware configuration
  • Emulators

The key here is not just to focus your attention on strange configurations of software and hardware, but also to highlight connections between users.

By logging each device setup as a unique ID, you can notice patterns that could point to bot use, or repeat attacks from the same fraudulent organisations.

#2 Reverse Social Media Lookup

An interesting technique to spot synthetic identity fraud? Look at their online digital footprint. This includes email and phone number analysis, to see if their details appear legitimate, but one of the most effective techniques is undoubtedly social medial lookup.

You can perform a reverse email address or phone number search, and see if they have been used to register to social media platforms. Read a comparison of the best email lookup tools here.

This has three key benefits:

  • You can use their social media profiles to confirm their identity.
  • An absence of social media information may point to fraud.
  • The kind of social media networks users are subscribed to can also help with credit scoring.

Because SEON can check 20+ social media networks and a growing number of platforms in emerging markets.

#3 Behaviour Analysis via Velocity Rules

Last but not least: it’s not just about looking at data points, but about understanding user behaviour. This is particularly important for the more sophisticated attacks, and those perpetrated by money mules who use their real IDs the whole time.

In fraud management terms, this is examined via custom rules and velocity rules. These are rules that aren’t necessarily complex, but that can analyse a wide variety of data points, including timeframes. 

Here are some examples:

  • How quickly did the user go through the entire KYC process?
  • What about the user authentication stage?
  • Did they enter a social security number in one keystroke?
  • How many times has a similar browser/hardware setup appeared in the last 10 days?
  • How frequently do they request to raise their credit limit?

Of course, the sky’s the limit with the kind of data you want to examine. But the key here is that you can identify suspicious behaviours, even from fraudsters who have already managed to infiltrate your platform.

A whitebox machine learning system, for instance, is particularly adept at catching matching behaviour from fraudsters who passed the KYC stage. If you are consistent in your reporting and use enough feedback mechanisms, you can begin understanding behavioural patterns that may point to the most undercover and sophisticated fraud.

Conclusion: Better Detection With a Multi-Layered Approach

When it comes to synthetic identity fraud, synthetic identity theft the sophistication and resources of criminal organisations increases daily. For targeted companies, it’s not enough to simply implement static ID checks fraud rules and to leave them run on autopilot. 

The good news, however, is that you don’t have to waste all your resources on intensive manual reviews for identity proofing. Using sophisticated risk tech, you can combine tools to create a net that will filter out bad users, and only allow in those who will help your company reach its goals.

Synthetic Identity Fraud: One Infographic to Understand it in 5 Mins

SEON Infographics - Synthetic Identity Fraud

Synthetic Identity Fraud FAQ (Frequently Asked Questions)

How do people create synthetic identities?

To create a synthetic identity, you need some kind of real document to begin with. It could be a name, address or social security number. The fraudster then modifies or tweaks the information for their need.

Why do fraudsters use synthetic IDs?

Synthetic IDs are harder to detect than obviously fraudulent IDs because they contain an element of truth (the person’s ID documents). This is why fraudsters use them to bypass KYC checks or for fraudulent transactions, amongst others.

What are some warning signs of identity theft?

If you notice strange payments on your statement or start receiving suspicious emails, it’s possible some of your ID documents have been stolen and used for synthetic IDs.

You might also be interested in reading about:

Learn more about:

Data Enrichment | Browser Fingerprinting | Device Fingerprinting | Fraud Detection API | Machine Learning Fraud

Related Source for this article:

Share article

Learn more about our products


Author avatar
Bence Jendruszak

Bence is the co-founder and COO of SEON whose vision is to create a safer online environment for merchants in high risk verticals.

Sign up to our newsletter