Article

Synthetic Identity Fraud: What Is It & How to Detect it

What Is Synthetic Identity Fraud?

Synthetic identity fraud is a form of fraud where criminals create a fake identity by blending real and fabricated personal information. This fictitious identity is then used to defraud businesses, bypass KYC checks, exploit promotions, secure loans, make purchases with stolen cards, and launder money. Because synthetic identities often mix authentic and fake data, they appear legitimate, making detection challenging and posing a significant threat to financial institutions and other industries reliant on precise identity verification.

Fraudsters employ various techniques to create synthetic identities:

  • Manipulated identities: Combining authentic documents with made-up information.
  • Blended identities: Merging real data from multiple sources.
  • Manufactured identities: Fabricating entirely new details, such as randomized social security numbers that fit within valid ranges.

How Are Synthetic IDs Created?

Synthetic ID creation typically follows these 4 steps:

  1. Identity Creation: The fraudster blends stolen, manipulated, or entirely fabricated data to create a synthetic identity. For instance, they might use a real but inactive social security number stolen from a child.
  2. Credit Application: Initially, the fraudster applies for credit to establish a credit history for the synthetic identity. This often requires multiple attempts as lenders are cautious with new, unproven identities.
  3. Building Credit: Once approved for a small line of credit, the fraudster meticulously builds a positive credit history by making regular payments. This improves the synthetic identity’s credit score over time.
  4. Exploiting Credit: With an enhanced credit score, the fraudster applies for larger lines of credit, eventually withdrawing funds and disappearing. This process can span months or even years, but offers significant financial gain for the criminal.

Variations of synthetic identity fraud include paying individuals with good credit to link their accounts to the synthetic identity, creating fake digital footprints on social media, and using fake checks to temporarily repay credit lines before maxing them out again.

Importance of Synthetic ID Fraud Detection

Detecting synthetic identity fraud early is essential to prevent more complex fraud schemes. Businesses must implement advanced detection measures to identify fraudulent patterns, as these synthetic profiles can cause extensive financial and reputational damage over time. Robust synthetic identity fraud detection strategies help mitigate risks and protect organizations from evolving fraud tactics.

A New Way to Gauge Your Customers’ True Intentions

You always want to know who your customer really is. SEON’s digital footprinting uses our online presence to assess who they are.

Read More

How To Detect Synthetic Identity Fraud

Synthetic identity fraud is notoriously hard to detect, as it is specifically designed to fool anti-fraud measures. However, companies can deploy a number of powerful features to identify users beyond the standard KYC checks. 

Leverage Digital Footprint Analysis

Online digital footprint analysis is designed to identify people without relying on ID documents or biometrics. It’s a fantastic way to pre-screen for KYC checks, but also to instantly flag potential synthetic ID fraud.

Digital footprint analysis includes email and phone number analysis, which also lets you link data to social media profiles. This has a number of positive results for companies as you can:

  1. Use social media profiles to confirm identities.
  2. Flag users with no social presence
  3. Mark high-risk customers based on the kind of social networks they have joined.

Similarly, customers who sign up with virtual SIM cards, fake phone numbers or invalid email addresses should at least be considered high risk for your business.

Extract More Data With IP and BIN Lookups

Another way to spot suspicious identities is to find red flags in user’s alternative data, such as IP addresses or card numbers. In fact, you could even combine both tools to spot inconsistencies, such as a card issued in one country, and an IP pointing to another.

As is always the case with this kind of granular data, it’s not enough to claim an identity is fraudulent. You have to combine as many data points as possible to create a user profile and flag the suspicious ones accordingly.

Deploy Device and Browser Fingerprinting 

f fraudsters are successful once, they tend to target the same companies multiple times. The challenge for them isn’t to create hundreds or thousands of synthetic IDs; it’s to make it look like each of these is connecting to your site as a new and legitimate user.

A device fingerprinting module can identify the tools that a fraudster relies on to spoof different users and devices. This is done by extracting data relating to their configuration of software and hardware, allowing you to spot:

  • unique browser setups
  • suspicious hardware configurations
  • emulators and virtual machines

Moreover, device fingerprinting lets you create hashes for each unique configuration, which lets you spot connections between users and instantly flag repeat offenders. 

Identify Fraudulent Behavior via Velocity Rules

In fraud prevention, velocity rules help identify user behavior, especially in sophisticated attacks or those involving money mules using real IDs. These rules analyze various data points, such as how quickly a user completes KYC or authentication, whether a social security number is entered in one keystroke, or how often a similar browser setup appears. This allows detection of suspicious behaviors, even from fraudsters already infiltrating a platform.

Enable Machine Learning Suggestions

A whitebox machine learning system is particularly adept at spotting patterns that point to synthetic ID fraud. By extracting all the data mentioned in the points above (device, IP, card, behavior) and feeding it to the system with the right labels, you can expect insights that no analysts could have extracted.

If you are consistent in your reporting and use enough feedback mechanisms, you can begin getting suggestions that may point to the most undercover and sophisticated fraud. Best of all, the efficiency will improve over time, and the rules are based on your own historical business data.

Block Fake Accounts Before KYC

Identify and block suspicious users early, ensuring fast onboarding for genuine customers.

Speak with an expert

Conclusion

Criminals have access to a growing number of resources to create synthetic IDs. For targeted companies, it’s not enough to simply implement static ID checks and fraud rules, and leave them to run on autopilot. 

However, you don’t have to waste all your resources on intensive manual reviews for identity proofing. Using sophisticated risk tech, you can combine tools to create a net that will filter out bad users, and only allow in those who will help your company reach its goals.

Frequently Asked Questions

What are the warning signs of synthetic identity fraud?

If you notice strange payments on your statement or start receiving suspicious emails, it’s possible some of your ID documents have been stolen and used for synthetic IDs.

How do people create synthetic identities?

To create a synthetic identity, you need some kind of real document to begin with. It could be a name, address or social security number. The fraudster then modifies or tweaks the information for their need.

Why do fraudsters use synthetic IDs?

Synthetic IDs are harder to detect than made-up, completely fake IDs because they contain an element of truth (the person’s ID documents). This is why fraudsters use them to bypass KYC checks or for fraudulent transactions, among others.

What kind of stolen data is used in synthetic ID fraud?

Fraudsters rely on any identifiable information they can find, including tax-related information, medical records, social security numbers, and even children’s identity records. 

How do you prevent synthetic identity fraud?

Preventing synthetic identity fraud involves using unique, complex passwords with tools like password managers, staying cautious during online interactions to avoid social engineering, and leveraging cybersecurity measures such as antivirus software and two-factor authentication. Regularly monitor credit reports to catch suspicious activity early, and be careful when sharing personally identifiable information (PII) like Social Security numbers or ID copies. Additionally, consider freezing children’s credit reports to prevent fraudsters from exploiting their identities.

You might also be interested in reading about:

Learn more about:

Browser Fingerprinting | Device Fingerprinting | Fraud Scoring | Fraud Detection with Machine Learning & AI

Related Source for this article:

  • BBC: I was a teenage ‘money mule’
  • Federal Reserve: Synthetic ID Fraud in the US Payment System
  • Comparitech: Identity theft facts & statistics: 2019-2022
  • Experian: Experian’s 2023 Future of Fraud
  • IEEE: DeepFake Detection for Human Face Images and Videos: A Survey
  • Forbes: Socure Report Examines Rise Of Synthetic Identity Fraud
Share
Share
Share

Table of contents

You Might Be Interested In

Take the First Step Toward Transformative Fraud Prevention

“SEON significantly enhanced our fraud prevention efficiency, freeing up time and resources for better policies, procedures and rules.”

Chief Compliance Officer, Soft2Bet

  • Automate 95% of fraud checks
  • Reduce fraudulent registrations by 90%
  • Accelerate manual reviews by 90%

Trusted by 5,000+ Global Organizations:

Revolut logo
Afterpay logo
Soft2bet logo
Wise logo

Book Time With Our Experts

This form may not be visible due to adblockers, or JavaScript not being enabled.