Your business probably already has a KYC Procedure designed to confirm user identities. The problem? How does it work if the IDs are from real people, but with bad intentions?

This is precisely what makes fighting synthetic identity fraud so hard. You can’t just look at the documents. You also have to guess the intent. 

Luckily, this isn’t as hard as it sounds with the right risk management tools – even when there were 14 Million reported stolen IDs in 2019 alone.  Let’s break it down below.

What is a Synthetic ID?

A synthetic ID is stitched together based on real and fake information. It can also be made of multiple people’s personally identifiable information (PII). For instance, using a real social security number from one person, and combining it with another’s credit card details. 

Types of Synthetic ID

Synthetic IDs can either be:

• Manipulated: combining real user documents and fake, made-up data/
• Blended: using real information from multiple sources.
• Manufactured: for instance, a social security number that is randomised to fall within the right range.

Key Characteristics of a Synthetic ID

A synthetic ID is always stitched from various data sources. However, it can be used to: bypass KYC checks, build stronger credit scores, or simply go undetected by a fraud management system.

What is Synthetic Identity Fraud?

Synthetic ID fraud includes any kind of criminal activity that uses a combination of fake IDs and real user data. It includes onboarding, bypassing KYC checks, or creating a fake address to process a fraudulent transaction. Synthetic Identity fraud can be harder to detect than standard identity fraud because it contains someone’s real ID documents. These can help pass the Know Your Customer verification process, whereas obviously fake profiles are easily flagged.

According to the Federal US Reserve, synthetic identity fraud was the fastest-growing type of fraud in the US in 2019, and 85-95% of all synthetic ID fraud cases were not flagged by security systems. According to the same research, it is a particular problem in the US because of the country’s reliance on static personally identifiable information (PII), including Social Security numbers (SSNs).

Synthetic ID fraud, however, affects any kind of business that is trying to monitor its user accounts. For instance, fraudsters will obtain IDs from stolen marketplace to create an account with a bank and diligently pay their bills for years. After a while, they can ask for the limits to be raised.

When the limits are sufficiently raised, they will max out their credit card limit, do a “bust out” and simply disappear. By the time the banks attempt to get their money back, they realise the person doesn’t exist.

How Does Synthetic Identity Fraud Work?

Synthetic ID fraud works when fraudsters create synthetic IDs to bypass KYC checks when creating an account Here is an example of how a synthetic ID can be used for fraudulent purposes with a bank:

1. Fraudster acquires personal information + forged IDs
2. They use parts of it to apply for a credit card
3. They borrow money and repay diligently for years
4. When the limit is raised, they max the card and disappear
5. The bank tries to collect their money… and there’s nobody there.

How Much does it Cost Businesses?

Based on the 2021 Future of Fraud Forecast, Experian reports that synthetic ID fraud or synthetic identity theft is the fastest-growing type of financial crime. Based on Experian’s own definition, it accounts for 80% of credit card fraud losses, and nearly 20% of chargebacks.

How to Prevent Synthetic Identity Fraud?

Traditionally, an effective way to identify a fake or stolen ID in the context of synthetic identity fraud was to rely on OSINT techniques. OSINT, or open-source intelligence, is a collection of processes that looks at publicly available data and cross-references against the suspicious profile.

The problem? It’s time-consuming and resource-heavy. If you use pro databases from Experian, Pipl or white pages, it can also be a costly method. 

Last but not least, this type of risk management requires eagle-eyed specialists, with proper training and education. 

So how do you identify those adept at evading synthetic fraud detection, and at scale? With the right technology.

How to Detect Synthetic Identity Fraud?

Let’s be clear: there’s no magic bullet when it comes to synthetic identity fraud detection. You’ll need a multi-layered approach, ideally combining all the technologies mentioned below. But let’s break them down one by one:

1 Device Fingerprinting

If fraudsters are successful, they tend to target the same companies multiple times. The challenge for them isn’t to create hundreds or thousands of synthetic IDs. It’s to make it look like they are all connecting to your site as unique users.

This is why a device fingerprinting module is so effective. You can instantly flag user connections that point to:

• Proxy usage
• Tor connections
• VPN use
• Strange browser setups
• Suspicious hardware configuration
• Emulators

The key here is not just to focus your attention on strange configurations of software and hardware, but also to highlight connections between users.

By logging each device setup as a unique ID, you can notice patterns that could point to bot use, or repeat attacks from the same fraudulent organizations.

2 Reverse Social Media Lookup

An interesting technique to spot synthetic identity fraud? Look at their online digital footprint. This includes email and phone number analysis, to see if their details appear legitimate, but one of the most effective techniques is undoubtedly social medial lookup.

You can perform a reverse email address or phone number search, and see if they have been used to register to social media platforms. Read a comparison of the best email lookup tools here.

This has three key benefits:

• You can use their social media profiles to confirm their identity.
• An absence of social media information may point to fraud.
• The kind of social media networks users are subscribed to can also help with credit scoring.

Because SEON can check 20+ social media networks and a growing number of platforms in emerging markets.

3 Behaviour Analysis via Velocity Rules

Last but not least: it’s not just about looking at data points, but about understanding user behavior. This is particularly important for the more sophisticated attacks, and those perpetrated by money mules who use their real IDs the whole time.

In fraud management terms, this is examined via custom rules and velocity rules. These are rules that aren’t necessarily complex, but that can analyze a wide variety of data points, including timeframes. 

Here are some examples:

• How quickly did the user go through the entire KYC process?
• What about the user authentication stage?
• Did they enter a social security number in one keystroke?
• How many times has a similar browser/hardware setup appeared in the last 10 days?
• How frequently do they request to raise their credit limit?

Of course, the sky’s the limit with the kind of data you want to examine. But the key here is that you can identify suspicious behaviors, even from fraudsters who have already managed to infiltrate your platform.

A whitebox machine learning system, for instance, is particularly adept at catching matching behavior from fraudsters who passed the KYC stage. If you are consistent in your reporting and use enough feedback mechanisms, you can begin understanding behavioral patterns that may point to the most undercover and sophisticated fraud.

Synthetic ID Fraud vs. Traditional ID Fraud

Traditional identity fraud is perpetrated in real-time. Sending phishing emails from an account takeover, for instance, constitutes an example of direct identity fraud. Synthetic identity fraud, however, tends to be cultivated over time by more sophisticated criminals.

Their goal is to fly under the radar for as long as possible, as they want to create a new account and use it in the long term. This is important because it highlights a key challenge in fighting this kind of fraud.

The criminals who rely on these techniques are patient, calculated, and sophisticated. They also tend to be organized, which we can use against them to our advantage. 

What Kind of Stolen Data is Used?

Identity theft and fraud go hand-in-hand. Criminals will stop at nothing to acquire records that help them create fake profiles. This includes stealing:

• Tax-related information: in the US especially, tax information from the IRS can be used to recover extra personal data.
• Medical identity theft: medical information is also often used to apply for prescription drugs or to file insurance claims under someone else’s name.
• Child identity theft: proof that fraudsters will stoop as low as they can, children records are often used to apply for credit cards or online loans. This works because their credit scores are either neutral or nonexistent, and it will take many years before anyone realises the information was compromised.

What is Causing the Rise in Synthetic Identity Fraud?

This type of fraud is on the rise because fraudsters have access to a growing number of options to access

Data Breaches Mean IDs Are Easier to Source

Sourcing ID documents is child’s play for fraudsters. They can hop on the dark web and purchase huge lists from leaked databases, at surprisingly competitive rates.

While a data breach can be useful for ID verification, the information is more likely to cause a vicious cycle of account takeovers, fake account openings, and a rise in the number of synthetic IDs.

An Increase in People Willing to Sell IDs

Adding to the challenge of widely available stolen documents, many people willingly sell their IDs in exchange for a fee. 

This is especially true in the aftermath of the global COVID-19 pandemic. The general population worldwide has taken a financial hit, and fraudsters were quick to exploit the situation. 

They offer to buy personal details or to borrow people’s bank accounts to hide their synthetic identity fraud activities. Here are a few options:

• Money mules: a money mule is a person who transfers stolen money on behalf of others. It’s also referred to as a “smurfer”, or “squaring”. Under 25s are particularly at risk, and money mules may find themselves complicit in money laundering schemes.
• Bank drop: the account that money mules will use to receive and transfer illicit funds.
• Rent-an-ID: in the underground economy, we’ve seen a proliferation of services that blatantly ask people to rent out their documents, in exchange for payment.
• Clearnet fake document services: can’t provide the right documentation? No problem – a growing number of clear net services offer photoshopping IDs for fraudsters, helping them bypass KYC checks using selfie IDs.

The takeaway: there’s no shortage of resources available to stitch together the perfect ID, tailored to defraud your online services.

The Prevalence of Fake ID Services

What if fraudsters run into heavier KYC checks in the form of document uploads? Barely an inconvenience: they can simply purchase a document from a forging service, which are plentiful, affordable, and surprisingly effective.

Conclusion: Better Detection With a Multi-Layered Approach

Criminals have access to a growing number of resources to create synthetic IDs. For targeted companies, it’s not enough to simply implement static ID checks fraud rules and to leave them run on autopilot. 

The good news, however, is that you don’t have to waste all your resources on intensive manual reviews for identity proofing. Using sophisticated risk tech, you can combine tools to create a net that will filter out bad users, and only allow in those who will help your company reach its goals.

Frequently Asked Questions

You might also be interested in reading about:

• SEON: Best Fraud Detection Software
• SEON: Guide to Ecommerce Fraud Detection
• SEON: How Can NeoBanks Offer Digital Onboarding That’s Both Safe And Easy

Learn more about:

Data Enrichment | Browser Fingerprinting | Device Fingerprinting | Fraud Detection API | Fraud Detection Using Machine Learning

Related Source for this article:

• BBC: I was a teenage ‘money mule’
• Federal Reserve: Synthetic ID Fraud in the US Payment System