Although it’s one of the fastest-growing crimes in the U.S., many financial institutions, cyber security firms, and regulators have struggled to define the impact of synthetic identity fraud (SIF) – until now.
The 2021 Synthetic Identity Fraud Report, which utilizes data from our Cyber Fraud Network™, has revealed the scale of the problem facing banks and credit unions and credit as they attempt to crack down on SIF. It found that, in 2020, an estimated $20 billion was lost to SIF, a 33% increase from 2018.
- Auriemma Group (2018). “Synthetic Identity Fraud Cost Banks $6 Billion in 2016.”
- Javelin Security & Research (2020).
The Challenges of Measuring Synthetic Identity Fraud
The very nature of a synthetic identity, a fake persona composed of a variety of identity elements (typically stolen from real people) such as a name, social security number, and address, means it's difficult for financial institutions to detect and therefore measure the impact of the crime.
The goal of SIF is to remain undetected by paying off small lines of credit and gradually accruing large lines of credit before eventually busting out. Even then, the crime often goes unidentified as financial institutions erroneously attribute the theft to bad underwriting.
While forward-thinking financial institutions are turning to AI-powered solutions to identify SIF, criminals are employing the same machine learning principles to identify the thresholds for fraud detection rules used by legacy systems. By using AI to evaluate approved and denied bank loans, criminals have the information they need to refine the criteria for their synthetic identities and beat the system.
While criminals are becoming more sophisticated in their approach to SIF, the difficulty in detecting it is exacerbated by a lack of collaboration across the industry. As an emergent, albeit rapidly growing crime, regulators are yet to provide detailed information on how to tackle the problem. The Federal Reserve Board is leading the charge by issuing its first set of guidelines as part of a broader SIF toolkit in early 2022.
An Example of Synthetic Identity Fraud
Using proprietary research from thousands of real-world cases, the 2021 Synthetic Identity Fraud Report provides insight into what a typical SIF account looks like.
A testament to the long-term nature of the crime, SIF accounts have a relatively high credit rating, with an average FICO score of 742.
All of the personally identifiable information (PII) used for SIF, including names, addresses, and social security numbers, are purchased or scraped from the dark web and typically stolen from three different people.
Usually, SIF accounts will include one former address in order to minimize potential scrutiny, and the phone number provided is taken from an account that has been created using the synthetic identity.
In 50% of cases, additional authorized users are added to the account, often in an attempt to build credit for other synthetic identities.
As well as a detailed example of a complete SIF account profile, the report includes a breakdown of how such accounts amass credit limits upwards of $65,000 including credit cards, personal loans, and vehicle loans.
Mature SIF accounts that successfully navigate their way to significant lines of credit are estimated to bust out by 25% to 50% above their limit, for an average theft of $90,000.
How Financial Institutions Are Tackling Synthetic Identity Fraud
While criminals are becoming more sophisticated in their approach to SIF, so too are the solutions and approaches aimed at reducing the losses incurred by financial institutions.
SIF Detect™ applies advanced automation and a proprietary “human-in-the-loop” model to identify SIF profiles – at the account opening stage or in existing customer portfolios.
For more information on how FiVerity is helping leading financial institutions fight back against SIF, book a demo today.