Blogs

Synthetic Identity Explained: What To Expect and How To Take Care of It

Fraudsters are cunning, routinely devising ways to commit their nefarious acts. One of these is synthetic identity theft, and it is fast emerging as a major concern, particularly in the fintech space here in Southeast Asia. In fact, recent reports suggest 6 in 10 banks in the region are victimised by synthetic fraud, which is forecasted by the Aite Group to grow to a staggering USD $2.42 billion by the end of this year.

What Is Synthetic Identity Theft?
Synthetic identity theft is a kind of theft by which fraudsters create an actual new identity using real and fake details of different people. This “new person”—the synthetic identity—appears genuine, mostly because it has sufficient verifiable information to make it seem like an actual, credible person. As a result, the cybercriminal can use this synthetic identity to open an account in a bank, make credit card transactions, defraud merchants and government agencies, and con financial institutions.
Think of it as someone stealing someone else’ identity, only this time, the thief does not steal the person’s entire identity—only parts of it in the form of, among other things, social security numbers, driver’s lisence information and birth dates. This information, along with some made-up details, is then used to create an entirely new individual, whose sole purpose is to perpetuate fraud and other financial crimes.

Consider this example: Criminal X, using a variety of underhanded means such as social engineering and phishing, obtains the driver’s licence details (or similar sensitive information) of Person Y. Rather than assume Person Y’s identity, Criminal X simply uses these vital details to create Identity Z using certain personal information. And because there is verifiable information—social security number and driver’s licence details—Criminal X can pass off Identity Z as an actual, existing person so that the former can use the latter to make practically any transaction.

Read HERE about how you can protect your institution from any type of fraud.

More Challenging Than Identity Theft

Synthetic identity theft is actually more challenging to address because of these reasons:

  • There is no actual consumer to alert concerned authorities about the fraud being perpetuated. Hence, it tends to go unreported.
  • The details used are generally “clean”—meaning, there are no crimes or records of wrongdoing attached to the information used.
  • The ruse takes time and approximates how humans transact to prevent it from being flagged for “suspicious activity.”

What usually happens is that the fraudsters allow the fake identity to “mature” first by doing smaller transactions—a small loan here, a small purchase there and so on. Over time, these transactions legitimise the made-up identity, to the point where it can be used to make bigger transactions that the fraudsters will then abandon without paying up, in effect getting away scot-free. Even worse, using conventional methods, synthetic identity fraud is almost impossible to flag during application processes. This likely explains why cybercriminals are beginning to use synthetic identity theft more and more.
The generally “victimless” nature of synthetic identity fraud means the real victims of it are the financial institutions and service providers as they stand to absorb big losses with great frequency for an extended period of time. And, without any paper trail to an actual person, institutions are often left licking their wounds and looking for ways to recoup losses—often without as much as tracking the criminals involved.

Staying One Step Ahead of Synthetic Identity Fraud

Needless to say, organisations will have to be wary of this type of fraud because the costs can pile up. Pymnts, referencing a recent study, notes how financial institutions lost USD $20 billion to synthetic identity fraud in 2020, with the average amount stolen ranging anywhere between USD $81,000 and USD $97,000 before the fraud was spotted. But that was in 2020, and since then, synthetic identity fraud has only grown more sophisticated—and a lot more prevalent.
Now more than ever, organisations must implement stringent measures to prevent it. Unfortunately, synthetic identity fraud is a complex issue, and there is no magic bullet to deal with it. Instead, preventing synthetic identity fraud requires holistic, multi-prong strategies that focus on ensuring the legitimacy of all identities.

Manual scrutiny can be used, provided you use the right tools, like Ekata’s Pro Insight. It is a manual review tool that can help organisations investigate identities but in less time and with less effort and resources needed. A better alternative would be identity verification and fraud prevention technologies, as they can collectively decrease customer wait times, shorten the review process and enhance it at the same time. Such are the desired outcomes in the war on fraud, and they can only be obtained using technology.

The good news is that various providers are offering these technologies. Ekata, a Mastercard company that empowers businesses to enable seamless experiences and combat identity fraud worldwide, is one such company, capable of delivering risk insights that are powered by the Ekata Identity Engine. This solution is composed of two distinct and mutually exclusive data sources: The Ekata Identity Graph and the Ekata Identity Network. Ekata leverages these two different data assets because it not only validates the identity of the elements used but also cross-checks how these elements interact and behave in digital interactions.

All things considered, it is crucial to remember this point: Synthetic identity is hard to catch because enterprises generally do not look outside documentation matching, and neither do they consider looking at how the digital elements are connected. This, in turn, reinforces the need to put in place the use of fraud prevention strategies and technologies such as those offered by Ekata. The benefit of Ekata is that it leans on a variety of data and insights on how the identity elements are connected, and that is how Ekata’s customers are able to asses an identity with a higher degree of certainty.

In other words, Ekata can help you identify and battle synthetic identity theft. Download this e-book now to learn more about this growing threat to your business and effective strategies to combat it.

DSA Editorial

The region’s leading specialist IT news publication focused on Data Lifecycle, Storage Infrastructure and Data-Driven Transformation. DSA has nearly 17,000 e-news subscribers, over 6500 unique visitors per day, over 20,000 social media followers and a reputation for deep domain knowledge.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *