Synthetic identity fraud is nothing new. However, modern criminals have been able to exploit the underpinnings of the current and admittedly flawed personal identity regime to take synthetic identity fraud to a whole new level. As a result, this form of fraud is the new elephant in the room – a problem that is rising to epic proportions but that many have yet to acknowledge.
Synthetic identity fraud results when criminals fabricate identities to establish new bank accounts or lines of credit and use those fake identities to steal money. The problem manifests differently across the globe, depending on local Know Your Customer regulations and identity management constructs. Synthetic identity fraud is acute and growing in the U.S. market, where the stakes for consumers are higher than ever.
To better understand the rapid growth of synthetic identity fraud, Aite Group conducted a study interviewing 33 executives from U.S. financial services firms and fraud vendors. The study from July 2017 to April 2018 helped Aite Group define synthetic identity fraud, establish a sizing for its impact on the U.S. credit card market and discuss emerging vendor solutions.
Rampant data breaches, loosening credit standards, and SSN randomization are market trends that have all contributed to the synthetic fraud problem.
With 9.7 billion records breached since 2013, organized crime rings have an unprecedented amount of data at their disposal to fuel their identity-compilation and identity-manipulation efforts. As the economic recovery has progressed, U.S. financial services firms have loosened credit requirements, which makes it easier for synthetic identities to take hold and build from a thin file to an established credit holder.
EMV is effective at reducing counterfeit card fraud, and more readily adopted as an implication of increased breaches. As the industry saw in the other 19 G-20 countries in a move to EMV, criminal elements do not sit back and absorb the hit to their balance sheet that EMV represents; instead they migrate their attacks to other forms of fraud, including new account fraud and account takeover.
In its infinite wisdom, the U.S. Social Security Office began randomizing the issuance of SSNs in 2011, rather than having a specific issuance formula based on the date and geographic region. This randomization eliminated a valuable tool from the arsenal of financial institutions that they could use to check the validity of an SSN at the time of account onboarding, making it easier for fraud to occur.
How Credit Issuers Can Better Find and Eliminate Fraud
Aite Group found in its study a steady increase in synthetic identity fraud and suggest that credit issuers improve their means of detection and remediation to combat this dangerous trend.
The scope and size of the synthetic identity fraud problem is elusive. Based on the data provided by the issuers interviewed in the study, Aite Group conservatively estimates that U.S. synthetic identity fraud losses for credit card exceeded $800 million in 2017.
Aite Group recommends that credit issuers apply a multipronged detection strategy. As with most types of fraud, there is no silver bullet for synthetic identity fraud. Financial services providers need to combine the analysis of credit file data, public record data and digital identity data to effectively detect potential synthetic identities.
Once a fraud is detected, Aite Group suggests that credit grantors adopt a segmented remediation process for synthetic versus third-party fraud, since the criminals that take the time to cultivate synthetic identities will often be able to effectively navigate traditional stepped-up authentication processes.
Credit grantors should also analyze collections queues. Many synthetic identities are written off as credit losses. Credit issuers should analyze their existing credit write-offs to determine what proportion of them are synthetic.
Not only will this help better inform analytic routines to help detect future synthetic fraud, but it also will remove the synthetic identities from collections queues, thus freeing up valuable resources to focus on actual recovery opportunities.
Julie Conroy is research director on Aite Group’s retail banking team. To learn more about Aite Group’s research coverage of retail banking and payments, please contact Aite Group at info@aitegroup.com.