While banks have been successful in reducing card fraud in recent years, a new and rising threat has emerged: synthetic identity fraud. By combining real and falsified information on digital platforms, financial criminals have been able to commit this type of fraud with impunity.
There are a number of reasons why synthetic fraud is on the rise, but there are also actions banks and other financial institutions can take to prevent this growing trend from doing damage.
Synthetic fraud on the rise
Banks around the world have faced difficulty in recognizing this type of complex fraud. Synthetic identity fraudsters are expert cybercriminals. They make use of the dark web to acquire legitimate personal information which they then blend with falsified information. They will then use this newly formed identity to establish a positive credit report and spend or borrow until they’ve maxed out their spending abilities.
They will often have multiple synthetic identities in play simultaneously to maximize the impact of their efforts. And it is hard to detect because these synthetic identities even have genuine profiles with the credit bureaus which the fraudsters creatively engineer.
An economic environment primed for fraud
Due to the economic toll the coronavirus pandemic has taken on the world, global GDP is expected to be negative this year. As a result, there has been and will continue to be an increase in the size of the banks’ loan portfolios, as businesses that are struggling to manage working capital requirements in a challenging commercial climate seek new lines of credit. The same demand for additional credit is similarly anticipated for retail customers.
As such, it will be easier to hide fraud within an environment where there is more lending activity, a larger portfolio to monitor and more losses to recover. This environment allows criminals to hide inside the noise of economic turmoil, while financial institutions struggle to cope with the sheer volume of applications, overwhelmed with the amount of identity checking they have to undertake.
It will also become harder to differentiate between delinquencies and defaults from genuine customers in distress and deliberate attacks from fraudsters as these loans come due for repayment.
Further, more individuals may be tempted to turn to fraud to maintain their lifestyles in an environment where they’ve lost jobs, financial security and are dealing with other economic difficulties.
Prioritizing customer experience
Under the unusual circumstances surrounding the pandemic, more identification and verification has had to happen in remote channels, a change that is unlikely to roll back. While convenient and speedy for consumers and banks, it’s far easier to commit fraud when transactions, checks and identities exist entirely in the digital sphere.
Traditional means of increasing protection, such as a more in-depth process to prove identity, makes an institution less appealing to work with for the average consumer. Individuals simply do not want to spend extra time on a process they could more easily complete at a competing bank. In fear of losing business, many banks now offer a streamlined and frictionless experience for their customers, even to the extent they are willing to accept the exposure this creates for fraud.
Fraudsters continuously test all banks for vulnerabilities, they identify the easiest targets and then concentrate their attacks on those institutions until their scheme is detected and interrupted.
Organized crime circles have developed new methods to exploit these vulnerabilities and often target young individuals with little-to-no credit history or the elderly – segments of the population unlikely to routinely check their credit reports.
Stopping synthetic fraud
Despite its rise and increase in sophistication, identity theft and synthetic fraud are not foregone conclusions that banks must simply learn to live with. And banks should not have to compromise their customer experience in order to implement appropriate fraud controls.
Many banks’ instincts are to improve authentication processes to prove a physical person is the same as the person on an application. However, by leveraging cross channel intelligence, including device data and external data sources, institutions can protect themselves and customers without making the verification process overly complicated for consumers.
Entity resolution will be crucial to stopping synthetic fraud over the coming years. Entity resolution brings together data from many sources and more easily identifies information discrepancies which are red flags for synthetic identity fraud. Entity resolution looks at everything about a person on an application or credit report, analyzing whether they use consistent addresses, phone numbers, email addresses, name spellings and other pieces of information.
Financial institutions will also need to more closely monitor networks, as organized crime tends to leave behind connected footprints which can be detected using the right techniques and tools. Banks will need to find better solutions, using network analytics to track where money is flowing from and to, identifying patterns that may point to fraud.
Overall, banks must face the reality that synthetic identity fraudsters, although a very small proportion of the total customer base, materially impact their impairments and lending losses.
From there, it’s time to create a plan of attack, using entity resolution, network analytics and some creativity to tackle synthetic fraud at scale.