Synthetic identity theft is a type of fraud in which a criminal combines real and fake information to create a new identity, which is used to open fraudulent accounts and make fraudulent purchases. Fraudsters use this fictitious identity for obtaining credit, opening deposit accounts and obtaining driver’s licenses and passports.
This kind of fraud differs from tradition identity theft in that the perpetrator creates a new synthetic identity rather than stealing an existing one. The process starts with someone stealing real social security numbers that aren’t actively being used e.g. children and elderly people who use little, if any, credit and then creating identities by adding fake addresses. Synthetic identity theft allows the criminal to steal money from any credit card companies or lenders who extend credit based on the fake identity.
It’s difficult for banks to detect because their fraud filters aren’t yet sophisticated enough to catch it. When the synthetic identity thief applies for an account, they might just look like a real customer who has a limited credit history. Digital channel-specific solutions can be effective at identifying bots and devices with negative histories but fail to efficiently flag fraud executed from a clean device by an individual with no history at the institution.
Data validation solutions are prone to errors due to duplicated or incorrectly entered entries, which become more difficult considering more frequently changing data points such as home addresses and phone numbers. This fuzziness allows manipulated identities to blend in effectively as each data point appears valid, despite linking to a number of different identities.
Synthetic identity theft is by far the most common type of identity fraud and is costing banks billions of dollars and countless hours as they chase down people who don’t even exist. It’s the fastest-growing and hardest-to-detect form of identity theft, according to the U.S. Federal Trade Commission. Credit reporting agency Equifax said the crime has “become the predominant tactic for fraudsters.” Synthetic-identity fraud resulted in $800 million in credit card losses in 2017, up from $580 million in 2015 — and that amount is expected to grow in the years ahead, according to a recent investigation by Aite.
“Today, online criminals are creating what we might call a synthetic identity ecosystem that will be among the larger threats in infosec over the next 5 years.” “I expect users on LinkedIn, Facebook and Twitter will see a growing number of farmed profiles that are very difficult to distinguish from accounts from real people. The credibility that comes with the connections in our online communities is important – it makes access and fraud more difficult to prevent,” said Daniel Riedel of New Context company that is doing research into “synthetic identities” and “secure attribution”
Further the advances in artificial intelligence is making it even more challenging as it is beginning to outstrip a human’s ability to discern engagement with non-human entities during casual interactions.
Recently, Google showed-off their new AI that can book a hair appointment. Beyond Google’s AI we are now able to create realistic artificial faces and can manipulate videos of people to say and behave differently. These same tools will also be used by criminals to defraud people. The impact to critical infrastructure will be advancement on the same phishing scams to gain access and dupe people into giving away their identities so that criminals will gain access to networks.
Synthetic frauds are not confined to just the banking industry, there are several other crimes committed under fabricated identities. As these synthetic identities are not used for financial gain, they are much more difficult to discover since there is no report of credit loss or fraud. There have also been recent, high-profile cases of terrorist organizations exploiting the use of synthetic identities to serve their ideological purposes. Synthetic identities provide an avenue for terrorists to not only distribute funding but to also obtain valuable resources, such as cell phones and airplane tickets for individuals having intent on more than just financial harm.
IDST Monthly Access Membership Required
You must be a IDST Monthly Access member to access this content.