The Hallmarks of a Synthetic Identity
Hidden in plain sight
Synthetic identity fraud is an insidious problem growing in sophistication, intensity, and frequency. Unlike traditional identity theft, synthetic identity fraud involves creating fictitious identities using a blend of real and fake credentials, earning them the nickname "Frankenstein" identities.
As they are not tied directly to any real person, and there’s no victim to report the fraud, detecting, and preventing them can be particularly difficult.
Not an overnight crime
Fraudsters can spend months, or even years, establishing strong credit profiles by applying for credit cards and accounts. Newly created synthetic identities initially resemble 'thin file' identities, lacking a credit footprint or associated data. However, over time, they gradually build their credit scores by making payments on time, thereby gaining the trust of lenders and other institutions - appearing like the perfect customer.
Despite their sophisticated fraud prevention measures, banks and other financial institutions struggle to detect synthetic identities once they have become established and onboarded as a customer. Our research indicates that many first- and third-party fraud solutions fail to detect synthetic identities. Specifically, 85% of synthetic identities were not flagged by third-party models, and over 50% of these identities meet credit defence criteria with credit scores above 650.
When fraudsters decide to cash out, they do so with substantial sums, leaving no real person for lenders to pursue. Often, these losses are mistakenly written off as credit defaults rather than fraud.
Seven tell-tale signs for spotting Frankenstein identities
One of the most prominent red flags of synthetic identities is their absence from the likes of trusted data sources. These Frankenstein identities often will not have an electoral roll record, or appear on other official databases.
Another crucial indicator is the credit footprint of the individual. Synthetic identities often have credit records that contain only financial transactions. These records lack any non-financial data, such as employment history or utility accounts, which typically appear for real individuals.
Synthetic identities frequently show signs of manipulation in their Personal Identifiable Information (PII). This can include numerous variations in the spelling of the same name, inconsistent birth dates, or different combinations of email addresses.
Synthetic identities often share common data points like email addresses, phone numbers, and even PII. This interconnected web allows them to establish a network that appears legitimate on the surface, but is actually composed of fictitious identities reinforcing each other.
Our analysis reveals multiple examples of properties, often in isolated rural locations across the UK, with multiple identities linked to them, highly suspected of being used as ‘synthetic farms’ to develop and mature the credit footprints of synthetic identities. A common characteristic of synthetic farms is often an easily accessible and unsecure post box, allowing fraudsters to intercept mail.
A real person’s identity is typically intertwined with those of their family members, such as parents, spouses, and children. Synthetic identities, however, usually lack these connections. The absence of family ties in an identity’s records can be a significant clue that the identity is not legitimate.
Synthetic identities are often crafted from a blend of real and fake credentials, with the real information frequently sourced from the likes of data breaches. This hybrid composition enables synthetic identities to evade traditional verification processes, as they partially match real-world records, making detection significantly more challenging.
A set of common high-risk characteristics can help to distinguish legitimate thin-file applicants from those of a Frankenstein identity.
This is achieved through a screening model, grounded in a deep understanding of synthetic identity creation and maturation which reveals tell-tale signs that significantly increase the probability of detection.
DNA of a Synthetic Identity
A growing concern for UK financial services firms
LexisNexis Risk Solutions data reveals that nearly three million identities in the UK exhibit multiple high-risk factors, and hundreds of thousands more are created annually. The volume of high-risk synthetic identities surged by 527% from 2022 to 2023. Without intervention, this trend could cost businesses over £4.2 billion in the next three years.
Download our latest synthetic identity report to help you begin to understand how you can start to assess how much of your customer database may be infested with synthetic identities.
