Synthetic Identity Fraud — How “Fake” Identities Hurt Real People
Over the last few years, synthetic identity fraud has taken off. Once considered a complex and expensive crime to commit, synthetic ID fraud cost U.S. banks $1.8 billion in 2020 and is on track to cost banks $2.4 billion by 2023. Meanwhile, the U.S. Federal Reserve Bank of Boston attributed 20% of financial institution (FI) credit losses to synthetic identity fraud as recently as 2016.
Mitigation has largely fallen on the financial institutions where the crime occurs. But there are very good reasons why consumers should play offense — and financial institutions should be their top supporters.
What Are Synthetic Identities?
Simply put, “synthetic identities” are identities that do not correspond in their entirety to any real person. However, they may well contain pieces and parts of personal information that belong to real people. This is a large part of why consumers haven’t been actively engaged on the issue – if it is not a real identity, how can there be any real victims? Unfortunately, as we’ll cover later, the consequences of these “fake” identities are very real.
As any bank or credit union’s fraud team is quite aware, fraudsters are using synthetic identities to bypass processes meant to positively identify consumers. They are successful largely because institutions rarely verify identities with sources of record. Meaning, instead of verifying a Social Security Number (SSN) with the Social Security Administration (SSA), they consult third-party data brokers. Those data brokers obtain information from other organizations that have collected it from the consumer (which was likely never verified with the source of record, either). While it is becoming easier to verify some of this directly by using relatively new services like the Electronic Consent Based Social Security Verification (eCBSV) service from the SSA, it is far from commonplace.
Digitization Transformed the Banking Experience — and Fraud, Too
Ten years ago, synthetic identity fraud was time-consuming, risky, and rarely committed in person. Committing this type of crime in the real world meant a fraudster would need forged identity documentation. If that documentation didn’t pass muster, they could be arrested on the spot, or at the very least, need to restart the major effort of obtaining another forgery and building a new false identity.
It’s very different now that applying for financial products online has become the norm. Criminals can take personally identifiable information (PII) stolen in any number of data breaches and combine it with a fictitious name, a random address or date of birth, and other elements that they like. This can be replicated hundreds of times in a day for little time or money. It’s a far cry from just a few years past.
The 3 Major Synthetic Identity Threats to Families and Individuals
Synthetic identity fraud is rising at an alarming speed, and it’s causing actual damage to individuals and families:
- It puts kids’ financial futures at risk. The SSNs of children are among the most highly valued elements in many synthetic identities — preferred because a child’s credit report is almost always a blank slate.
- Synthetic identities can adversely affect consumers’ credit. Criminals can make victims out of consumers by coopting elements of their PII to build a synthetic identity, such as their SSNs. As the fake identity is used to obtain new accounts, that activity can end up on the legitimate consumer’s credit report – especially if they have little to no past credit history. Having alternate personal information (name, address, employer, etc.) appended to a credit report can cause problems for the legitimate consumer when they attempt to obtain credit in the future. It presents a confusing and inaccurate picture of activity and risk level. Even worse, the negative credit activity will quickly manifest as fraudulently obtained accounts start to go unpaid. At this point, restoring one’s credit report and trying to untangle the confusing mix of identities presents a painstaking, time-consuming nightmare for most consumers.
- Credit repair services might be making fraudsters out of customers. Finally, shady credit repair services are encouraging them to use a ‘Credit Privacy Number’ (CPN) in place of their SSN when applying for new accounts. Even if their own credit history leaves something to be desired, consumers that use CPNs to obtain credit are themselves committing fraud in the process!
At the end of the day, vigilance is one of the most important ways to keep synthetic identity fraud at bay. Financial institutions support this by offering access to credit reports and account activity alerts – but these measures raise red flags after fraud has already happened. It’s possible today to take a more proactive approach.
Financial institutions can be an important partner in proactively monitoring consumers’ sensitive PII, alerting them when it’s been compromised, and clearly identifying what mitigation steps should be taken. By making identity monitoring available to consumers and educating them on their role in stopping synthetic identity fraud, banks and credit unions are also reducing their own risks. Because when a fraudster uses a synthetic identity, it creates victims of financial institutions and consumers – and it is in the real interest of both to work together and stop it.
As a leader in the identity protection market, Sontiq provides relevant fraud and identity theft protection tools at every touchpoint. This approach empowers accountholders while helping our partners reach their goals.
For more information on Sontiq Identity Theft Protection, schedule a demo today.