Catching synthetic identities by sifting through clues in public data

Synthetic identities have become an increasing threat over the past years: Constructed by combining authentic and fabricated information, such as stolen Social Security numbers and false names and contact information, synthetic identities are made to look credible enough to fool many identity verification systems.

Companies such as TransUnion are now trying to catch synthetic identities by playing detective and searching for clues in public data. Its new research shows that certain traits and behavioral characteristics can help identify them: A person may have no known relatives or no vehicle registrations. It may be missing voter or property records. Nearly every synthetic identity, for instance, had no bankruptcies.

Its main tool of investigation is the TransUnion’s Synthetic Fraud Model. According to its figures, 85.6 percent of the fraud predictions offered by the model prove to be true.

“While the presence of living characteristics such as vehicle ownership, voter registration, or familial connections is not a definitive solution to detecting synthetic identities, it represents an important piece of the broader identity puzzle,” Steve Yin, the company’s senior vice president and global head of fraud, said in a release this week.

The other 14.4 percent of suspected synthetic identities who turn out to be real people go through additional authentication. The process balances automated decisioning with things like manual reviews from fraud specialists, Brad Daughdrill, TransUnion’s vice president of Data Science and head of Global Fraud Analytics, explains to Biometric Update over email.

TransUnion first launched its Gramm-Leach-Bliley Act (GLBA) Synthetic Fraud Model in 2021. The model analyzes Personally Identifiable Information (PII) for inconsistencies and patterns that point to a fabricated identity.

Since then, the model has evolved through newer data and techniques such as AI, machine learning and graph-based constructs. It has also received new infrastructure, including centralization, more automation and faster update cadence, says Daughdrill.

Despite this, fraudsters operating synthetic identities are smart: There is no single model for creating a fake persona, making them harder to trace.

Fraudsters also establish their legitimacy by building a credit history, taking out loans for low-value products and services and paying their dues regularly to avoid raising any behavioral red flags. Once they secure access to higher value, they suddenly max out their credit and disappear.

Many organizations do not understand their exposure to synthetic identity risk. According to TransUnion’s analysis of credit accounts, 0.19 percent of bank card, retail card, auto and personal loans had a high risk of synthetic identity, amounting to US$3.3 billion in fraud loss risk exposure.

Risks are also growing in part because of large-scale data leaks: 640 million consumer records were breached last year, most of them including Social Security numbers (SSNs), says TransUnion. Breach severity is a leading indicator of future fraud, according to Yin.

Around 80 percent of financial services customers who had charged off on loans and credit card accounts, meaning that the lender has written the account off as a loss, returned a high synthetic identity risk score — despite passing a standard identity check, TransUnion points out.

One of the company’s recommendations for preventing synthetic fraud is making identity validation a lifecycle activity, instead of a one-time event. A synthetic identity would be assessed during the account creation process, but also throughout account review.

“Processes like credential change, new product opening, money movement, etc., all of these could be continually assessed for new fraud risks, including synthetics,” says Daughdrill.

The additional checks will have to balance out the customer friction. That is always a challenge and will differ across organizations for their risk tolerances, he notes.

Aside from improving fraud detection models and adding more transparency and accountability to vendor and partner ecosystems, another recommendation from TransUnion is breaking down data silos and establishing centralized fraud intelligence hubs.

“TransUnion has consortia within some of our solutions and competitors do as well,” says Daughdrill.

Article Topics

digital identity  |  fraud prevention  |  identity proofing  |  identity theft  |  synthetic identity fraud  |  TransUnion