Synthetic fraud is pretty much what it sounds like: fraud committed through the use of a fabricated identity. Distinct from third party or “identity fraud”, there may not be an immediate consumer victim, or the consumer impact may not be evident for some time—it’s solely the defrauded organization(s) left with the burden. The lack of an immediately injured consumer makes synthetic fraud more difficult to confirm promptly, therefore, not a relatively hot topic for general media outlets to report the way we see massive data breaches covered. However, an increasing number of organizations—not just big banks and fintechs—are preparing themselves to better address synthetic fraud this year as part of their fraud prevention strategy. Here are four reasons to tackle synthetic fraud now:
#1 Synthetic fraud used to be the long game. Not anymore.
With the move to EMV or "chip cards" in the U.S. it’s becoming harder to commit fraud at the point of sale. The result? We are seeing the same patterns that have been observed in other countries as payments migrated from magnetic strips to chips: Ballooning rates of “card-not-present” fraud online and new account application fraud. Synthetic identities can be the key requirement for each. Whether it’s having high-end electronics shipped to a fake identity at a commandeered address or applying for an installment loan, fraudsters need to become someone else to take the proceeds and run. And it’s easier than ever. Data breaches, the move to randomized Social Security Numbers, consumers putting more personal information online, relatively low barriers for entering the credit system, and even changes to the regulatory environment can all work against an organization that’s trying to control this type of fraud.
#2 Options abound beyond credit card fraud
Simply because a criminal enterprise made their first few millions in credit card fraud doesn’t mean they have any loyalty to a single type of fraud. Criminal enterprise follows the path of least resistance. As the opportunity for point-of-sale (POS) fraud lessens, we will certainly see a migration to card-not-present fraud. But what happens beyond credit card fraud? Multiple sources have documented increases in synthetic identities being used in auto lending fraud. Someone with fraudulent intent and a false identity can go into a dealership, where they’ll find a lender willing to finance the car of their synthetic identity’s dreams, and before the lender opens for business Monday, the car is being loaded onto a container ship for sale in a foreign market.
Or, in the hypercompetitive world of online consumer lending, it can be quite simple to apply for an installment credit of a few thousand dollars and have that loaded to a general-purpose prepaid card, registered to a synthetic identity. Further, this action is now being taken by fraudsters in quick succession with multiple lenders in a short period of time—taking advantage of a lack of common knowledge between financial institutions. (Read Pat Phelan's blog about loan stacking here.)
#3 Smaller institutions are being hit
With diversification of fraud comes diversification of victims. Major credit card issuers have been dealing with fraud tied to synthetic identities for some time, but these aren’t the only institutions being impacted.
Recently, a credit union that was using a typical approach to new account fraud detection called our team of fraud consultants after experiencing 20 losses in a short time period tied to synthetic identities. Yes, twenty. A credit union that had never seen this type of fraud before experienced 10 auto loans financed through dealerships and 10 installment loans that were all written off to loss.
#4 Synthetic fraud initiates a snowball effect of losses
Imagine that an organization takes a loss due to a synthetic identity (without a true consumer who has been wronged, they may not know this is a fraud and the loss is logged as a delinquency rather than fraud) and attempts to contact the debtor. Two scenarios could come of this; 1) the synthetic fraudster picks up the phone and explains that the lender should stop trying to collect because this is, in fact, a fraudulent account created with synthetic information; 2) the criminal decides that, maybe just this once, it would be nice to repay the debt. Realistically, both are highly unlikely.
Despite this reality, thousands of hours and dollars are being wasted in collections efforts, unwittingly expecting a positive outcome. In addition to the fraudulent amount that will be written off, synthetic fraud results in losses and operational expenses on the back-end. Leading analysts estimate that up to 25% of collection queues may be synthetic fraud, but without tools to identify this, these debts get worked and reworked by collection departments, while debts that may actually be collected go ignored.
Synthetic fraud is happening now and will only increase if new technology and proper tools aren’t utilized. Criminals are not waiting for the counterfeit window to close before perfecting new techniques. We’re already seeing and hearing of spikes in application fraud with stolen and synthetic identities. We work with many types of organizations—from financial institutions and insurance carriers to e-commerce retailers and local, state and federal governments. All have something in common—there are two choices when it comes to fraud prevention and identity verification: address the problem now, or wait and react. As we have seen time and time again when it comes to a breach in data security, the reactive approach may damage business reputation and drive away many good customers.
Now is the time to prioritize tackling synthetic fraud. To contact me about helping you tackle synthetic fraud, fill out the form below.