Synthetic Identity Frauds and its Impact

Imagine a threat actor stealing your child’s Aadhar number, a neighbor’s PAN number and possibly another’s Driving License details and home address to cobble up a fake identity? What if they then use this identity to apply for credit cards or loans, slowly build up credit ratings, maxes all accounts and then disappears! 

Welcome to the world of Synthetic Identity Frauds, something that appears to be taking center stage in the world of cybercrime in recent times. According to a recent report from TransUnion, a leading credit bureau, the exposure of lenders in the United States to this system of fraud currently stands at a whopping $2.9 billion. 

And, it is growing year-on-year at a frenetic pace. What’s more, synthetic fraud cases are tough to detect due to the fact that it comprises several data parts and they’re virtually impossible to take punitive action as the perpetrators are seldom caught. “Once synthetic fraud is through the door, it is nearly impossible to root out,” says Jason Lord, VP of product marketing for fraud and identity solutions at TransUnion. 

Creating a fake identity is getting easier

A report published by SDxCentral quotes Lord as stating that synthetic fraud would continue to grow year after year. There has been a whopping 382% increase in digital fraud volumes since the pandemic, largely due to the near-oversight move to digital. 

The report notes that synthetic identities have access to $2.9 billion worth of auto loans, bank credit cards, retail credit cards and unsecured personal loans in the United States. For the moment, we have no such data emanating from the Indian banking industry or the financial sector intermediaries operating around them. 

In fact, a survey conducted by PwC revealed that companies in India were grappling with various types of platform fraud, especially given the growth in usage across social media and ecommerce platforms in recent times. However, synthetic identity fraud accounted for only 19% of the frauds on these platforms, as against identity theft (42%) and device theft (25%). 

Auto loans and credit card are at high risk

The TransUnion report says auto loans comprise more than 60% of the total exposure to synthetic identities in 2023, representing a 38% growth year-on-year. The next in line relates to bank credit cards and retain cards. Also, the personal identification data used to fabricate a non-existent individual are getting source from digital fraud and data breaches. 

Across industries, the suspected digital fraud rate grew to 5.3% from 4.5% in a year’s time with telecom having one of the highest rates of frauds or attempted frauds (5.3%). The favored route for such fraudulent transactions remained the credit cards. Insurance, financial services and legal services in the US contributed to the most severe data breaches. 

In terms of personal data, names remained the most exposed followed by social security numbers that were exposed in 69% of all the breaches. Driving licenses and other state identifications got exposed 31% of the time while exposure for checking or savings account numbers also doubled within a year, says TransUnion. 

Need to go beyond KYC to tackle identity theft

The big challenge to tackle this situation stems from the fact that financial institutions do basic identity checks in the KYC formats, especially in the cases of low-risk accounts. However, once the fake identity hits the system, the credit bureau ends up taking them for real as far as the records go and once the credit history develops, they just steal and vanish. 

Going forward the only way to get the system back on the rails is to get the required rigor back into the system. A combination of technology, including artificial intelligence, could be used to create a set of tools that can stop synthetic fraud right before it starts. Moreover, organizations need to drive incentivization to prevent such frauds as at the moment they don’t lose. 

The need for strong identity-proofing methods need to be in place and also become multi-threaded to go beyond just the data. Fraud needs to be looked at from different angles and multiple steps that combine digital and offline responses need to be put in place. Citizens also need to play their part by having regular KYCs done with their banks, which can now be completed using digital tools without having to visit the branches. 

In fact, TransUnion suggests that a large chunk of the fraud could be starting off at the call center levels where fraudsters manipulate interactive voice response or humans into revealing personal identity that can be used for account takeovers. This needs to be prevented by using advanced tools such as forensic line inspections to determine the nature of calls.