Synthetic identity fraud is not a new problem, but this type of fraud has had exceptional growth in recent years. Unlike other types of fraud where bad actors exploit legitimate identities, synthetic fraud involves the creation of fabricated identities to establish accounts and lines of credit to then defraud businesses and government agencies. Synthetic fraud is also increasingly tied to demand deposit accounts (DDAs) in P2P scams, imposter scams, money mule schemes, money laundering, and even human trafficking.
With the shift to digital and online services for consumers, fraudsters can now take PII they acquire on the internet to game credit, lending, and banking systems with synthetic identities at scale, all from the comfort of their own homes. There’s also evidence that as financial services organizations are getting better at combating third-party fraud, fraudsters are shifting to synthetic identity fraud because it’s more difficult to detect and easier to involve money mules. Information and tactics for how to perpetrate synthetic fraud proliferate throughout the dark web.
Aite-Novarica, a research and analyst firm specializing in fraud and anti-money laundering (AML) for a variety of financial services markets, recently published a report—Synthetic Identity Fraud: Solution Providers Shining Light Into the Darkness—that highlights synthetic fraud trends, along with analysis of how identity verification and fraud prediction vendors are addressing them. Additionally, Aite-Novarica interviewed fraud executives at various North American financial institutions and fintechs to understand their fraud-related concerns and operational priorities.
Synthetic ID Fraud is a Top Concern Among Executives & Financial Institutions
What emerges in the report is alarming—there is no question that perpetrators of synthetic fraud are getting better at what they do while also using an increasing variety of techniques. The message from Aite gives color to a hard truth—financial institutions need to strengthen their fraud prevention and identity verification approaches or synthetic fraud could become a significant threat to their business. Moreover, synthetic identities may have infiltrated their portfolio already, and they don’t know–because these fraudsters or money mules appear to be normal customers.
Certain fraud types are especially concerning to risk and fraud executives at financial organizations. Lending and credit card companies have historically been synthetic fraud targets, but these leaders are now seeing an increase in attacks on small business accounts and traditional-banking savings and checking accounts.
Here are Aite’s sample group of executives’ top fraud concerns (showing percentage that ranks each item as a top concern):
- Synthetic identities resulting in application fraud — 39%
- Wire fraud resulting from ATO — 39%
- First-party check/deposit fraud resulting from application fraud — 32%
- Third-party ACH fraud resulting from ATO — 29%
- Mule activity resulting from application fraud — 25%
- First-party lending fraud resulting from application fraud (includes credit cards and loans) — 18%
- Third-party P2P fraud resulting from ATO — 14%
- Third-party card fraud resulting from ATO — 4%
Assessing the Efficacy of Identity Signals in Predicting Synthetic ID Fraud
The report focuses on specific identity signals that are required to address synthetic fraud and then assesses the efficacy of each solution’s application of these signals to identify synthetic identities. These signals, which Aite says in the report “…can be helpful inputs to a holistic synthetic identity assessment,” include:
- PII usage patterns – Performing link analysis between PII and credit header and third-party data to detect anomalies.
- eCBSV – Verifying an applicant’s name, Social Security number (SSN), and date of birth in real time against the Social Security Administration’s database, as part of layered controls.
- Device identity/reputation – Analyzing device intelligence to examine the risk of devices.
- Email tenure/reputation – Assessing the tenure and reputation of an email address.
- Mobile phone tenure/reputation – Verifying the likelihood that the device belongs to the person authorized on the mobile account.
- Behavioral analytics – Evaluating how users interact with their devices to determine if the behaviors are risky.
- Consortium intelligence – Applying feedback data to identify synthetic fraudsters across the customer network.
- Stepped-up verification – Inserting step-up mechanisms, such as ID document verification, to support onboarding for higher-risk identities.
Aite evaluated vendors on the basis of this list of signals and how well they address fraud execs’ concerns. Of the 11 vendors in the report, Socure was named as the vendor with the most comprehensive solution. Specifically, the Aite analysts said:
Socure’s newest version of Sigma Synthetic integrates device features gathered via Socure’s proprietary SDK and web scripts to enhance the predictive value of the model and help with bot detection. Socure employs a seasoned machine learning approach that combines the use of graph, clustering, and link analysis algorithms with properly labeled consortium and third-party data sources. The models are trained on synthetic feedback data from its consortium of clients.
To really understand why Aite was so impressed with Socure’s ID+ platform, it’s important to understand a key element that drives how we approach identity verification and fraud prediction. The foundation of the Socure platform is an approach that generates and persistently trains data models that use automated machine learning (ML) techniques to seek perfect identity accuracy.
Preventing Synthetic ID Fraud with Socure: The Most Accurate Model for Identifying Users on the Internet
Socure has spent more than 10 years and hundreds of millions of dollars in data science research and development to produce the most accurate model for identifying users on the internet and, in the process, eliminating fraud. At the heart of this ML-driven model are three elements that, when incorporated together as part of this model, permit Socure users to eliminate fraud and automatically identify and accept more “good” users—including those who are typically overlooked by traditional solutions. Socure’s ML model:
- Provides a complete view of identity: Socure’s platform uses every element and dimension of identity and orchestrates that data with advanced AI/ML to maximize accuracy and reduce false positives without creating any friction in the customer experience. Most legacy solutions rely on element-centric products (email data only, or perhaps the combination of just phone and address data), which result in friction, low accuracy, low coverage, and high false positives.
- Applies advanced ML to a massive and growing set of data: Where some solutions compare identities against a handful of data elements, Socure has access to a continually growing collection of data sources that provide broader and deeper coverage than other solutions. Socure’s ML models apply this data to unlock more than 17,000 independent, predictive features to enable fraud detection accuracy and identity verification decisioning in real time.
- Develops a real-time model that is informed by identity graph consortium data: Socure’s 1,700+ customers continuously feed our ML model with transactional data from real customer transactions. This allows us to build and persistently improve a real-time network of intelligence from billions of actual decisioning outcomes from the world’s largest companies.
As synthetic fraud activity becomes more sophisticated and targets a broader set of identity signals, it’s no longer feasible to apply point solutions through individual, disparate products. The result will be a disjointed approach that leaves blind spots because those pieced-together solutions rely on stale data that isn’t correlated to deliver usable insights.
Socure’s Sigma Synthetic Fraud was developed to equip public sector and private enterprises with increasingly sophisticated fraud tactics and vectors. It relies on specific reason codes that help clients clearly understand hidden patterns of synthetic fraud. These reason codes were derived by extracting topological, velocity, and PII interaction features from Socure’s identity graph. Using unsupervised ML and multi-class classification, Sigma Synthetic Fraud identifies and shares with clients the differences between synthetic label patterns across a diverse base of customer institutions. This makes it possible for Socure to provide intelligent industry recommendations on how to best label synthetic fraud for collections and other purposes.
Socure offers precision in identifying good and bad identities in our predictive models by focusing on:
- Known fraud events: Socure’s real-time consortium network of intelligence from one billion actual decision outcomes from some of the world’s largest companies inform our fraud model scores by looking at fraud rates of different attributes (identity elements) over different time periods as they interact with other attributes.
- Velocity: Velocity calls out when an identifier appears across our network in abnormally frequent patterns, such as an SSN that shows up in a multitude of transactions across many institutions.
- Linkages: These are risk characteristics of applications from the same IP address.
- Out-of-pattern activity: Socure notes when fraud trends change and then develops new variables as necessary, such as indicators of multiple applicants from the same email domain.
We encourage you to read Aite-Novarica’s analysis and learn more about the state of synthetic identity fraud.
Mike Cook is VP of Fraud Solutions Commercialization at Socure and works alongside Data Science, Product, Sales and the Fraud Investigation team to help ensure solution optimization across all the markets Socure serves. Mike has been an innovator in fraud, identity, and credit risk for almost 35 years and has created several patents for identity risk technologies.