Blog article
See all stories »

Synthetic identity fraud: What is it and how can we stop it?

As technology constantly evolves, becomes simpler and more cost effective, it is also simultaneously becoming more accessible to fraudsters. This means we’re seeing a surge in fraud cases. The latest tactic these bad actors are turning to is synthetic identity fraud. In the US, it’s already the fastest growing type of financial crime according to McKinsey – and it won’t be long until it makes an impact on our side of the pond. So, what is synthetic identity fraud, how do fraudsters do it, and how can we put a stop to it?

What is synthetic identity fraud?

Previously, fraudsters have used their own or stolen identities to open new accounts. Now, they have the ability to create identities by pulling together a unique amalgamation of many pieces of false information and/or stolen or modified personal identifying information (PII). This information is usually hacked from a database, phished from unsuspecting victims or bought on the dark web. Since, in most cases there is limited impact on each individual person whose PII was stolen, this fraud often goes unnoticed for long periods.

Once the perfect synthetic identity has been crafted, serious levels of fraud can be committed. In financial services, these bad actors might be using them to build up an excellent credit history, only to later ‘bust out’ and leave huge unpaid debts. Using an online marketplace, they might conduct ‘good’ business long enough to get good customer ratings, and then bailing on confirmed orders to steal customers’ cash. Whether stealing funds, purchasing expensive items, or making money illegally, the nefarious possibilities of synthetic identities are exponential – and becoming popular.

So, what can banks and financial providers do to spot them and stop them in their tracks?

Enter biometrics.

Since standard behaviour modelling methods on their own cannot differentiate between what is and isn’t fraud, combined with the fact that PII is sometimes unreliable, companies will need a fool-proof approach to tackle the growing threat synthetic identity fraud poses. That’s where biometrics come in.

With the help of advanced AI and machine learning, banks can verify new customers’ identities with a selfie and a photo of their ID. These images can then be assessed for potential forgery or alterations, that the selfie is indeed of a ‘live person’ and then compared to one another. This digital identity verification is effective against synthetic identities for multiple reasons – but the one that stands out: most fraudsters don’t want to use a picture of their own face to commit fraud.

Unfortunately, it won’t be long before criminals will be able to fake selfies themselves. Last year, AI researchers demonstrated that even Mona Lisa could be brought to life from one single image, and UCL’s recent threat report goes to show that these ‘deepfakes’ are no longer limited to the dark corners of the internet. If Mona Lisa can be brought to life, it won’t be long until synthetic identities take advantage of selfies created in the same way.

A spoof-proof toolkit.

Today, multiple tools are needed to curb the threat, implementing a ‘toolkit’ of anti-fraud technologies when onboarding new customers will be critical. AI and machine learning can help spot synthetic images, while digital verification of ID documents can ensure the name exists, that the ID hasn’t been stolen, and the image matches the ID document. Combining biometrics with ID document verification and checking for overlaps in the PII by using link analysis are also important. A last line of defence made up of human experts should also always be on hand. These experts are highly trained to spot whether customers really are who they say they are.  

The latest ‘tool’ in preventing synthetic identity fraud is Near Field Communication (NFC) technology. Helping to authenticate identities quicker, more securely and reliably. We’ve seen airports implement this type of technology as part of their border control process – rather than in-person passport checks, travellers scan their e-Passports, have their photos taken and the two are compared against each other for a match. Now, banks can do the same.

Users scan the NFC enabled ‘chipped’ ID document and take a photo of themselves, and a wealth of biographical information is unlocked from the ID chip. Not only is this user-friendly, providing more security simply by scanning a chip. It also reveals more fraud than is currently possible, helping banks stop synthetic identity fraud. How? As NFC technology accurately and securely obtains biographical and biometric information from an ID, fraudsters wouldn’t be able to submit an amalgamation of stolen and fake information – it would conflict with their chosen ID and image. Fraudsters could literally be stopped in their tracks.

Traditional methods such as passwords and knowledge-based authentication are no longer sufficient in fending off 21st century fraudsters. To stop them outsmarting even the most digitally advanced banks and fintechs, the industry needs to adopt an approach with multiple lines of defence.

Having the right technological tools at the right customer touchpoints – armed with a toolkit of AI, machine learning, biometrics, NFC and human agents – banks can know their customers are really who they say they are. So, even if Mona Lisa herself applies for a bank account, we’ll be able to detect if she really does exist.

 

 

3170

Comments: (0)

Joe Bloemendaal

Joe Bloemendaal

Head of Strategy

Mitek

Member since

20 May

Location

Amsterdam

Blog posts

2

This post is from a series of posts in the group:

Digital Identity Management

Discuss upcoming trends in digital proofing, authentication, fraud and digital identity management.


See all