Synthetic identities are digital mashups of real and fake information to create a new identity which can be used to make fraudulent purchases or open fraudulent accounts. They make it possible for fraudsters to evade detection by traditional identity verification controls and even subvert the process, such as credit bureau data, knowledge-based authentication (KBA), etc.
Synthetic identity theft alone may account for 5% of uncollected debt and up to 20% of credit losses, or $6 billion in 2016.
A synthetic identity can also be legitimized by being added as an authorized use on multiple aged accounts and even from the basis for KBA questions later used to challenge the fraudster in subsequent application fraud attempts.
Criminals will make small deposits and withdrawals over time in order to establish a pattern, build trust and establish credit.
Many fraudulent new accounts are opened through online banking, telephone banking or mail. Checks deposited into a fraudulent new account are often stolen and forged, counterfeit or drawn on fraudulent accounts at other financial institutions.
Intelligent risk scoring will identify the real personally identifiable information (PII) components that are fraudulently used to create a Synthetic Identity.
COMPROMISED identifies stolen PII and delivers scored risk intelligence to help flag high, medium and low-level vulnerabilities for CNP Fraud, ID Theft and New Account Creation or Account Takeover. Risk scoring can be performed by single data descriptors or by weighting all of an individual’s exposed credentials.
Our workflows let you set up rules whenever specified events occur. These rules enable you to route users to different outcomes based on the risk score. When you send COMPROMISED an API call, the output of your workflow is immediately returned to help your risk engine make a time sensitive decision.
Risk scores are requested at the key events where fraud or abuse occurs (e.g. ask for score when sending a create order event, open new account, login to existing account, etc.).
How Synthetic Identity risk could be scored when considering compromised credentials: