Preventing Synthetic Identity Fraud

This content is provided by our sponsor, and neither is written by nor provides endorsement from ICBA.



What is synthetic identity fraud?

A synthetic identity is made up of fabricated credentials where the implied identity is not associated with a real person. This identity is then used to apply for services.

 

In recent years, the emergence of synthetic identity fraud has highlighted many gaps in legacy systems’ ability to keep up with tech-savvy fraudsters. In response, institutions must develop a multi-pronged defense strategy that helps them identify synthetic identities — all while enabling account growth.

 

The challenges of synthetic identity fraud

 

Synthetic identities are difficult to detect

In-house teams that aren’t equipped to identify synthetic identities at account origination must distinguish between synthetic identities and real ones further down the line. In the first three months after opening an account, the behaviors of a fraudster using a synthetic identity and a legitimate customer can be identical.

Data breaches continue to expose sensitive personal information

On average, data breaches are detected 287 days after they happen.[1] Oftentimes, personal information exposed to bad actors is used in synthetic identity fraud attempts before the breach is even detected.

Exposure to synthetic identity fraud increases with digital adoption

Offering digital banking options often increases the amount of fraud attempts an institution experiences. The disconnect between new tech platforms and legacy processes creates opportunities for fraudsters to exploit blind spots created when new channels and services are plugged into old infrastructure.

Addressing synthetic identity fraud

 

How institutions can fight synthetic identity fraud

 

1. Keep in-house teams trained on identifying synthetic identities

MANTL recommends that institutions set up an annual or semiannual cadence for leaders to reassess internal and industry fraud events and re-train their team accordingly.

 

2. Understand the difference between attempted fraud rates and actual fraud rates

An increase in fraud attempts does not necessarily mean an increase in losses suffered by an institution. If more customers are being reached through new channels and fraud attempts go up, it’s not necessarily a cause for concern as long as those synthetic identities are identified during the application process. In fact, an increase in fraud attempts can occur alongside an increase in conversion rates, and often does.

 

3. Provide information about data security to customers

Many neobanks and challenger banks provide “information centers” on their websites or in onboarding materials. This relatively low-cost initiative allows them to advise customers on how to keep their personal information protected while also positioning themselves as an ongoing resource.

 

How technology can fight synthetic identity fraud

 

1. Keep deposit origination platforms up to date

Many origination platforms have not been updated to account for increasingly complex instances of synthetic identity fraud. When vetting vendors to help you originate more accounts, be sure they’re committed to constantly updating their fraud mitigation features as well.

 

2. Identify technology partners that address fraud prevention along the customer journey

FI leadership should work to identify how a diverse set of vendor relationships can help them prevent fraud (identifying risky actors before they can strike), and address fraud (identifying an instance of fraud as it’s happening, finding a solution, and shutting down future attempts).

 

Learn more.

 

[1]  Payments Journal, Understanding and Stopping Synthetic Identity Fraud, August 1, 2019.