Key Takeaways:
- Synthetic identity fraud exposure reached $3.3 billion for US lenders at the end of 2024
- Super prime synthetic identities 12.5 times more likely to default than non-synthetics
- Suspected digital fraud made up 6.5% of new account transactions in 2024
As digital transactions surge, so does fraud. In 2024, 6.5% of new account transactions were suspected digital fraud, eroding consumer trust and exposing businesses to financial and reputational risks. The challenge for organizations is clear: How can trustworthy customers be identified?
At the 2025 Identiverse Conference, TransUnion® Senior Fraud Consultant Matt Badgerow highlighted the growing risk of synthetic identity fraud, an insidious threat that often goes undetected. In a presentation titled Let’s Get Real: How to Tell Which Customers You Can Trust, he shared how TransUnion’s advanced risk signals and analytics help organizations better detect and prevent synthetic identity schemes before they result in costly fraud.
For deeper insights, watch Security Week’s interview with Matt from the conference floor.
Data breaches give fraudsters everything they need to build a synthetic identity
Years of data breaches have exposed millions of consumers’ personally identifying information (PII) — Social Security numbers, addresses, emails and more —unearthing the raw materials fraudsters need to create fake identities.
The scope is staggering. There’s been an average of 3,300 large data breaches in the US over the past five years, with healthcare, financial services and local governmental organizations among the hardest hit. Not only that, but data breach severity rose 34% in 2024 based on TransUnion analysis. While the pace of data breaches slowed slightly in 2024, their severity increased, fueling sophisticated fraud schemes like synthetic identity fraud — perhaps the most dangerous of all.
Why do synthetic identities pose high risk for organizations?
Synthetic identity fraud involves blending real and fake data to create fictitious identities that appear legitimate. For example, fraudsters might use a real Social Security number from a child, elderly person or deceased individual and pair it with a fake name, date of birth and address. This synthetic identity is then used to open accounts of financial value, such as credit cards, loans, mobile phone subscriptions or retail credit.
While plenty of individual fraudsters use synthetic identities, criminal fraud rings often organize to perpetrate synthetic identity fraud on a larger scale. The potential loss is significant: TransUnion estimates US lenders faced $3.3 billion in synthetic identity fraud loss exposure tied to open accounts at the end of 2024 — a 3% year-over-year increase.
How does synthetic identity fraud happen?
Using generative artificial intelligence (GenAI), organized crime rings can simultaneously employ multiple techniques at scale, attempting to get hundreds of credit applications or other transactions accepted all at once. The process typically unfolds in stages, with fraudsters taking the following actions:
- Data acquisition: Obtain real personal data from breaches, purchase data on the dark web or scam consumers into giving up PII
- Identity creation: Blend real and fake data to form a new identity
- Credit file establishment: Apply for low-value credit cards or become authorized users on existing accounts
- Credit building: Make small purchases and payments to build a positive credit history
- Bust-out fraud: Max out available credit lines and disappear without a trace
Why fraudsters are playing the long game with synthetics?
What makes synthetic identity fraud particularly insidious is the sheer patience involved among the criminals who perpetrate it. Because synthetic identities often pass traditional identity verification checks and slip through fraud detection systems, fraudsters can take time to nurture their fake identities for months or even years, slowly building credit histories that attract significant buying power and access to premium financial products.
Because of this, synthetic identity fraud poses a greater risk at higher credit tiers. Recent analysis shows while synthetic identities in lower credit tiers have delinquency rates similar to real borrowers, they’re significantly riskier at higher credit tiers — 3.6× higher in prime plus and 12.5× higher in super prime.
| DPD 90 in Two Years | Non-synthetic | Synthetic* | Lift |
|---|---|---|---|
| Subprime | 29.2% | 32.1% | 1.1x |
| Near prime | 17.2% | 17.4% | 1.0x |
| Prime | 7.7% | 11.7% | 1.5x |
| Prime plus | 2.5% | 9.1% | 3.6x |
| Super prime | 0.6% | 7.5% | 12.5x |
Source: 2024 Data from internal TransUnion analysis
*Consumers that scored 720 or higher on TruValidate FCRA Synthetic Fraud Score
VantageScore® 4.0 risk ranges: Subprime = 300-600, Near prime = 601-660, Prime = 661-721, Prime plus = 721-780, Super prime = 781-850
Such a counterintuitive pattern occurs because synthetic fraudsters invest significant time and effort into building pristine credit profiles to access higher credit limits and better terms. When they finally execute their “bust-out,” the losses are proportionately more severe.
Why is it so hard to assess digital identity risk?
Gauging digital identity risk is complicated due to advanced evasion technologies and new fraud tactics that are no match for basic identity verification checks, simple device fingerprinting and other traditional fraud detection methods.
Tools like emulators, proxies and VPNs are used to mask fraudulent activities, making it nearly impossible to determine true device locations and user identities. GenAI and automated attacks are constantly changing fraud tactics — fueled by machine learning (ML) tools that adapt faster than traditional detection methods can respond.
Additionally, limited data analysis capabilities hinder the detection of subtle threats as legacy systems often rely on insufficient identity attributes that miss more sophisticated and stealthy fraud attempts.
Determining digital “realness” requires answering the right questions
To combat evolving threats, organizations must adopt rigorous identity verification and authentication checks that can effectively determine whether they’re dealing with a real person or sophisticated synthetic identity. The key lies in answering critical questions about each digital interaction, such as:
- Is the IP address legitimate?
Real users connect from IP addresses associated with actual households — not data centers, VPNs or proxy servers that fraudsters use to mask their true locations. - Does browsing behavior seem human?
Genuine users exhibit natural browsing patterns, while automated fraud tools and bots display mechanical, repetitive, high-velocity behaviors. - Do device characteristics indicate authenticity?
Real users access accounts from consistent devices with normal technical configurations, while fraudsters often use emulators or frequently change device fingerprints. - Has the email address been established over time?
Legitimate email addresses have usage history and correspond logically with devices being used, while fraudsters often use newly created or suspicious email domains. - Do all identity elements connect naturally?
Genuine identities show consistent linkages between name, phone, address and email that reflect real-world relationships built over time.
How to establish digital identity “realness”?
Successfully determining digital identity legitimacy requires connecting multiple data points to create a clear view of an identity. These include:
- Identity elements like names, addresses, phone numbers and email addresses that can be cross-verified
- Device intelligence, including behavioral signals, velocity indicators and attempts to obfuscate true device characteristics
- Digital footprints from phone usage patterns, email deliverability history and IP address reputation
- Verification networks that link identity elements across multiple authoritative data sources
Pulling data elements into an actionable identity graph is where the magic happens. Creating a robust identity graph enables organizations to distinguish between legitimate consumers building authentic digital relationships and synthetic identities carefully constructed by fraudsters.
Identity graph designed to determine consumer “realness”
The components of effective synthetic fraud prevention
Reducing the risk of synthetic identity fraud requires a layered approach for illuminating diverse and evolving risk signals. Machine learning models, powered by real-time fraud feedback, can detect synthetic identities while minimizing false positives. Passive risk assessments combined with identity verification better ensure friction-right user experiences, with step-up authentication introduced only when needed. Components include:
Advanced device intelligence analyzes device location, reputation history and recent behavioral patterns to detect evasion tactics like proxies, VPNs and emulators.
Stronger device signals for confident digital identity risk decisioning
Enhanced identity verification cross-references diverse data sources, including fraud databases, government records, wireless carrier data and proprietary customer relationship management systems to build a clear picture of an identity.
Better and more diverse data sources improve identity verification
Cross-reference validation ensures all identity elements (name, phone, address, email) are genuinely linked to the same individual.
Increase confidence identity elements provided are linked to the same individual
How successful organizations succeed in combating synthetic fraud
- Assess device and identity risk more comprehensively
- Verify accuracy of consumer-provided identity elements
- Confirm linkage among identity components across multiple data sources
- Use layered risk assessment to maintain positive user experiences
- Leverage advanced analytics powered by real-time fraud intelligence
Solving for the Identiverse 2025 Digital Identity Challenge
The central focus of Identiverse was digital identity resolution. Organizations have pursued digital transformation to delight customers and improve business performance. But that’s opened them up to more fraud and makes it harder to meet regulatory compliance.
Digital identity is the key to addressing all these challenges. As we discussed during our Identiverse session, Let’s Get Real: How to Tell Which Customers You Can Trust, TransUnion’s advanced risk signals and analytics help organizations better verify digital identities, recognize trustworthy customers and reduce fraud risk.
Protect your business with TransUnion fraud and identity solutions
Synthetic identity fraud demands modern solutions. TransUnion TruValidate™ fraud and identity solutions combine advanced device intelligence, identity verification and cross-reference validation to help stop fraud before it strikes.
Stop fraudsters from exploiting your organization — get our Executive Guide to Combating Synthetic Identity Fraud.
