Federal Reserve Shares Tips On Mitigating Synthetic Identity Fraud

Federal Reserve Shares Tips On Mitigating Synthetic Identity Fraud

Image: Jesús Rocha

The U.S. Federal Reserve today issued guidance on how financial organizations from the United States can mitigate payment fraud attempts scammers carry out with the help of synthetic identity accounts. 

The white paper published today by the Federal Reserve on mitigating synthetic identity payments fraud comes after two previous white papers on defining and detecting such payments fraud attempts.

Synthetic identities are created by fraudsters after combining real information (like Social Security Numbers) and fake information (names, dates of birth, and addresses).

They are subsequently used for creating new accounts that might escape common ineffective fraud detection models, accounts that might be portrayed as credit-worthy account holders.

“This affords perpetrators the time to cultivate these identities, build positive credit histories, and increase their borrowing or spending power before ‘busting out’ – the process of maxing out a line of credit with no intention to repay,” the Federal Reserve explains.

“Synthetic identity accounts behave more like normal customers – building credit over a period of time – than conventional identity fraudsters, who must rapidly cash in before the victim notices and reports the theft.”

Synthetic identity payments fraud is reportedly the quickest-growing type of financial crime in the US according to McKinsey research.

An Auriemma Group analysis says that 5% of charged-off credit card accounts may be linked to synthetic identity fraud, costing U.S. lenders $6 billion on an average unpaid debt of  $15,000 per account, amounting to 20% of credit losses in 2016.

The Federal Reserve says that traditional fraud detection models are not designed to detect synthetic identities and this leads to fraudsters successfully using them as part of their fraud attempts.

Such fraud discovery models are ineffective at detecting between 85% to 95% of likely synthetic identities according to an estimate shared in an ID Analytics study.

Synthetic identity fraud is not a problem that organizations or industries can tackle independently, given its far-reaching effects on the U.S. financial system, private industries – such as healthcare, automotive and insurance – government entities and consumers.

“Organizations have the best chance of identifying synthetics if they use a layered fraud mitigation approach that incorporates both manual and technological data analysis,” Federal Reserve Bank of Boston SVP and secure payments strategy leader Jim Cunha said.

“In addition, sharing information both internally and with others across the payments industry helps organizations learn about shifting fraud tactics.”

Also read: Digital Transformation – Do Or Die in 2020

Synthetic identity payments fraud mitigation measures

A multi-layered approach including manual and technological data analysis is recommended to organizations that want to have the best chance to detect and mitigate financial fraud attempts were synthetic identities are used.

Financial orgs that have shown the greatest rate of successes in identifying and mitigating synthetic identity fraud “are those that look beyond basic PII elements (such as name, SSN, date of birth and address) and use additional data sources to gain reasonable assurance of the applicant’s identity.”

Another way to improve synthetic identity fraud detection is to implement robust link analysis processes designed to look across various banking instruments including lending accounts, checking accounts, and other financial instruments with the end goal of recognizing common characteristics of synthetic identities.

“Examples include identifying multiple users with the same SSN, screening for multiple account applications originating from the same IP address or device, and detecting potential fraud networks by linking identities that appear as authorized users on multiple accounts,” the Federal Reserve added.

Organizations can also conduct synthetic identity link analysis “across multiple banks for service providers that have multiple financial institutions as clients.”

Financial institutions are also advised to share information across product lines to allow for easier discovery of common tactics of synthetic identity fraudsters such as opening multiple accounts (credit card, direct deposit account, line of credit, auto loan, or mortgage) at the same organization.

“Experts have suggested that a holistic approach would be the most effective way to mitigate synthetic identity fraud,” the Federal Reserve concluded.

“This approach should include a consistent definition of synthetic identity fraud, technological innovation, robust data solutions for identity verification and an ongoing fraud mitigation dialogue between private industry and government agencies.”

Also read: Free 8 Steps Checklist for Companies to Prevent Data Breach