Synthetic identity fraud is no longer an emerging threat — it is a widespread, systemic challenge affecting organizations across industries. From financial institutions and telecom providers to ecommerce platforms and government agencies, the creation and misuse of synthetic identities is enabling billions in fraud losses and undermining the integrity of commerce ecosystems. These identities are not stolen from real people — they’re fabricated, often nurtured for months or years, and used to secure credit, services or benefits before disappearing without a trace.

This guide offers a robust view into the drivers of synthetic identity fraud, mechanisms by which these identities are constructed, and the most effective approaches to detecting and disrupting them without impacting the customer experience. By examining patterns across industries and applying multilayered risk strategies, leaders can gain a clearer picture of who their customers really are — and who they’re not.

Synthetic identities are crafted using a mix of real and fabricated data — often including stolen Social Security numbers (SSN), false names, digital contact details and legitimate-appearing behavioral histories. These identities are designed to appear credible, frequently evading traditional identity verification processes.

The rise of synthetic identity fraud has been fueled by a confluence of factors, including:

There’s no one way criminals perpetrate synthetic identity fraud. Once an account is created with a synthetic identity, fraudsters may choose to just take money, products or services immediately — or they may maintain the account while building up positive history of payments, enabling them to leverage that account to secure additional accounts before maxing out available funds and disappearing.

Organizations are increasingly challenged to distinguish real customers from synthetic ones, especially when these fabricated identities display consistent, low-risk behavior.

Synthetic identity fraud affects every industry that relies on verifying customer or applicant identities. The challenge for many organizations is synthetic identities aren’t discovered until after a fraud loss has occurred. However, given the scale of the known exposure, every industry faces digital fraud risk:

The unifying theme across these sectors is vulnerability to trust-based systems. Wherever digital onboarding is used and identity is presumed legitimate, synthetic identities can gain entry.

Telling the difference between actual people and a synthetic identity is hard, especially during automated digital onboarding. That’s mainly because a fraudster’s goal with a synthetic identity is to build legitimacy in the form of positive credit history.

To do this, synthetics often follow predictable behavioral arcs, such as:

• Starting with low-value products or services (e.g., secured cards, authorized user on an existing account, installment plans)
• Building a stable behavioral history (timely payments, regular usage)
• Securing higher-value access, increased privileges or additional accounts at the same or another company
• Suddenly maxing out access — credit lines, device financing or services — and vanishing

This final act — bust-out fraud in lending, subscription application fraud in telecommunications or policy abuse in ecommerce — is frequently misclassified as consumer default and written off as bad debt. Without accurate identity resolution, an organization cannot recover the loss or trace the perpetrator. In some cases, fraudsters manage dozens or hundreds of synthetic profiles simultaneously, using AI-enabled automation and social engineering to scale criminal operations.

To stay ahead of synthetic identity fraud, organizations must implement an integrated, intelligence-driven approach.

Key strategies include:

• Strengthened digital onboarding controls
  Validate identity elements against authoritative sources. Use device fingerprinting, email and phone risk scoring, and behavioral biometrics.
• Synthetic identity scoring
  Apply machine learning models trained on known synthetic behavior patterns, including rapid tradeline accumulation or shared contact info across identities.
• Cross-industry intelligence sharing
  Participate in fraud consortiums and share risk signals across sectors. Synthetic activity in one vertical often precedes attacks in another.
• Credit abuse modeling
  Monitor for bust-out behavior signals like simultaneous utilization spikes, declining payments and high-frequency account openings.
• Continuous portfolio monitoring
  Periodically audit customer databases for identity anomalies, inconsistencies or high synthetic risk scores.
• Risk-based orchestration
  Calibrate friction based on real-time identity risk, stepping up verification only when signals demand it.

Fraud and risk leaders must align internal functions — fraud, credit, loyalty, marketing, operations and compliance — and modernize identity decisioning systems to mitigate synthetic identity threats. 

Many organizations don't understand their exposure to synthetic identity risk. Recent TransUnion analysis of credit accounts indicated 0.19% of bank card, retail card, auto and personal loans had high risk of synthetic identity, representing $3.3 billion in fraud loss risk exposure.

A good place to start is to test a sample of your customer file or new account transactions using a synthetic fraud model. With insight into your risk, you can make informed decisions as to how to implement the right protections for your new account opening and account review processes.

Synthetic identities pose a real risk to your organization — a risk that’s only accelerating as criminals use generative AI to get around traditional identity verification and authentication tools. Achieving a clear picture of identity isn’t just about stopping fraud — it’s about protecting your organization’s reputation, financial performance and customer relationships in a digital world where trust is paramount and appearances can be deceiving.