Key Takeaways:
- Synthetic identity fraud is accelerating, driven by generative AI and deepfake technologies that enable large-scale, hard-to-detect attacks.
- Traditional identity verification is no longer enough. You must adopt a clear view of identity — including device intelligence, behavioral analytics and cross-channel linkages — to fortify fraud protection and detection.
- Identity is both the enabler of fraud and the key to defeating it — fraudsters exploit identity data to gain access, while you must master identity management to secure your systems.
- Consumers support stronger security measures when they’re proportional to the risk.
- You must shift from reactive to resilient strategies, investing in AI-aware tools and holistic identity frameworks to stay ahead of evolving threats.
The rise of AI-powered synthetic identity fraud is one of the most urgent threats facing you today. GenAI and deepfake technologies are increasingly being used to circumvent traditional identity verification defenses and commit widespread fraud. To confront — and explore how to stay ahead of — the issue, the 2025 Datos Financial Crime and Cybersecurity Forum in Charlotte hosted a standout panel session titled “Synthetic Identities 2.0: Detecting Fraud Enhanced With Deepfake Technology.” The conversation featured experts from across the financial services and cybersecurity landscape, including TransUnion® Senior Director of Market Development Eric Ondik.
The new face of fraud: AI-generated identities and deepfakes
Synthetic identity fraud is no longer a fringe threat. According to Datos Insights’ recent report:
- 56% of financial institutions (FIs) identified synthetic identities as their top fraud concern for the next two years
- 40% have seen increased attack rates tied to GenAI
- 29% observed deepfakes being used in synthetic fraud attempts
These AI-enhanced identities are often used to create “sleeper accounts” that mimic legitimate customer behavior, increasing exposure through cross-selling and credit limit increases — only to “bust out” with major losses later.
“Fraudsters aren’t just stealing identities anymore — they’re building them from scratch using AI,” said Ondik. “And they’re doing it at scale with tools that are becoming more accessible on the dark web. That’s a game-changer for fraudsters seeking to avoid detection.”
Detection is lagging — but change is coming
According to Datos, despite growing awareness, many institutions are still playing catch-up:
- Only 22% of FIs reported significant success in detecting synthetic identities
- 83% planned to upgrade detection capabilities during onboarding
- Just 36% are enhancing account management systems to detect existing synthetic accounts
This gap leaves you vulnerable to long-term fraud exposure, especially as synthetic identities become more sophisticated and harder to detect using traditional methods.
Identity is the new battleground
In the digital fraud landscape, identity is both the weapon and the shield. Fraudsters exploit identity data — whether stolen, fabricated or synthetically generated — to infiltrate financial systems, create sleeper accounts and execute large-scale fraud. But that same concept of identity, when properly understood and managed, is also the most powerful tool you have for fighting back.
Traditional identity verification methods — relying on static data like name, address, date of birth and Social Security number — are no longer sufficient. These elements are available on the dark web due to unceasing data breaches and social engineering attacks. Fraudsters now use GenAI to stitch together these fragments into convincing synthetic identities, often enhanced with deepfake documents, and attack using bot-driven application submissions.
“Fraud is no longer just about stealing identities — it’s about constructing them,” noted Ondik. “And if financial institutions don’t evolve their understandings of identity, they’ll be fighting today’s battle with yesterday’s tools.”
To counter this, you must embrace a clear picture of identity, which can help you assess the strength, tenure and frequency of linkages for more robust and reliable views of individuals. With these insights, you can be more confident in consumer identity for stronger protection against evolving fraud threats — while giving trusted consumers the streamlined experiences they deserve and demand.
To achieve a clear picture of identity, you need high-quality data governed by a holistic data strategy that breaks down silos, complies with universal standards, adheres to regulations and increases efficiency. Key data elements and signals required for a unified and resolved view of identity include:
- Device intelligence — history, reputation and behavioral patterns
- IP and geolocation signals to detect anomalies and spoofing
- Cross-channel linkages that connect identity elements across web, mobile and phone channels
- Behavioral analytics to distinguish human from bot activity and detect deepfake usage
This evolved approach enables you to distinguish legitimate consumers from synthetic or compromised profiles. It also allows for smarter, risk-based decisions across the customer lifecycle — from account creation and management to transaction monitoring and ongoing review.
Ultimately, identity is the universal enabler. It’s what fraudsters manipulate to gain access and what you must master to keep them out.
Consumers expect protection — and are paying attention
TransUnion’s latest Consumer Pulse Study revealed 58% of US consumers cite identity theft as their top cyber concern. While they expect smooth and seamless digital experiences, they also demand strong protections for their personal data.
Interestingly, friction isn’t always a bad thing. Consumers are increasingly open to security measures — so long as they’re proportional to the risk. The key is delivering friction-right experiences that protect without alienating. According to another TransUnion survey, 71% of US consumers said they’re willing to accept additional security steps during digital interactions if it means better protection of their personal data.
Turning the tide: from reactive to resilient
The fight against synthetic identity fraud isn’t just about reacting faster — it’s about building resilience into every layer of your fraud prevention strategy. You must shift from isolated defenses to integrated, intelligence-driven systems that evolve alongside the threats. By embracing a modern definition of identity, investing in AI-aware detection tools and fostering collaboration across the industry, you can move from being a target to becoming a trusted guardian of digital identity.
The future of fraud prevention isn’t just about stopping synthetic attacks — it’s about understanding identity deeply enough to recognize the true risk in every identity during every interaction — and act accordingly to reduce fraud and grow your business.
Bolster your defenses against synthetic identities
Explore how TransUnion can help your organization stay ahead of synthetic identity fraud with a clear picture of identity, learn more.
