A Press Release by TransUnion finds instances of synthetic fraud and outstanding balances for suspected synthetic accounts at U.S. financial institutions have declined significantly after the World Health Organization (WHO) declared COVID-19 a global pandemic on March 11, 2020. However, a new analysis by technology analyst firm Aite Group finds the cost of synthetic fraud will rebound post-pandemic, reaching new highs.
Synthetic identity fraud involves fraudsters creating fictitious identities by piecing together real identity attributes and fake information with the intent to open fraudulent accounts.
“The dip in synthetic fraud during the pandemic was a continuation of our 2019 findings that showed synthetic fraud was slowing amid the emergence of solutions that connect personal and digital identities,” said Shai Cohen, senior vice president of Global Fraud Solutions at TransUnion. “We believe this slowdown was compounded by fraudsters who went elsewhere and could be lying in wait to take advantage of pandemic loan forbearance programs that may not have come due yet. Once synthetic fraud reemerges, which we think it will, companies must be ready.”
The latest TransUnion analysis of outstanding balances attributed to suspected synthetic identities for auto, credit card, retail credit card and personal loans found them at their lowest levels since Q1 2016. As of Q3 2020 (latest data available), synthetic fraud balances in those sectors stood at $855 million—down from a high of $1.05 billion in Q3 2018.
The TransUnion analysis found instances of synthetic fraud dropped markedly for most credit products for two consecutive quarters (Q2 and Q3 2020). In Q3 2020, the percent of new auto loans and credit card accounts linked to a synthetic fraudster declined to their lowest points since TransUnion began tracking them in 2016. TransUnion documented a 32% decrease in new credit cards and a 23% decline in new auto loans linked to synthetic fraud from Q3 2019 to Q3 2020. Beyond financial services, which TransUnion documented had by far the highest amounts of digital synthetic fraud in 2020, it determined e-commerce and iGaming were the industries with the second and third highest amounts of synthetic fraud last year.
Despite the recent drop in synthetic fraud at financial institutions, a new TransUnion-sponsored Aite Group report finds the cost of synthetic fraud will rise in the coming years. Aite Group estimates that business losses due to synthetic identity fraud for unsecured U.S. credit products — those that don’t require businesses or individuals to put up any collateral for the loan — will reach $1.8 billion in 2020 and grow to $2.42 billion in 2023.
“Synthetic fraud is an extremely difficult problem to solve,” said Aite Group Research Director, Julie Conroy. “Out of financial services firms that we recently surveyed, 72% said that they believe synthetic identities are a much more challenging issue to identify and address than identity theft.”
TransUnion enhances modern, end-to-end solution for synthetic identity fraud
Mitigating synthetic identity fraud risk requires a layered approach to secure trust in digital channels. To continue helping businesses combat synthetic fraud, TransUnion has added a non-credit synthetic fraud algorithm to its synthetic fraud services, which historically relied heavily on Fair Credit Reporting Act (FCRA) regulated credit data. In addition to the credit and non-credit models, TransUnion also intends to offer full integration of Electronic Consent Based Social Security Number Verification (eCBSV) capabilities in the near future.
The TransUnion TruValidate Synthetic Fraud Models detect potential synthetic identities by analyzing consumer behaviors and uncovering anomalies or suspicious risk, offering a real-time indicator of the threat level before fraud is committed while still supporting a great consumer experience for genuine consumers. The TransUnion TruValidate synthetic fraud solutions include both Fair Credit Reporting Act (FCRA) and now Gramm-Leach-Bliley Act (GLBA) compliant models.
“With almost every consumer’s information for sale on the dark web, today’s fraudsters are extremely adept at creating synthetic identities with fabricated or compromised identity elements,” said Bala Kumar, vice president of product management of Global Fraud Solutions at TransUnion. “Most consumer-facing businesses rely on a variety of identity and digital verification methods to assess initial fraud risk. None of these are adequate to truly identify suspected synthetic identities since they can behave like legitimate accounts.”
TransUnion recently launched its GLBA Synthetic Fraud Model which further ensures a friction-right experience for the majority of consumers who carry little to no synthetic fraud risk and do not warrant additional authentication steps. It analyzes Social Security Number (SSN) and other Personally Identifiable Information sharing across identities, looking for anomalies such as large numbers of consumers sharing an address or unusual address tenure patterns.
In its efforts to thwart synthetic fraud, TransUnion is also finalizing authorization by the U.S. Social Security Administration (SSA) to be an eCBSV service provider. This will enable TransUnion to help financial institutions electronically verify an individual’s SSN with the SSA based on the holder’s consent.
The TransUnion synthetic fraud solutions are part of its flagship identity proofing, risk-based authentication and fraud analytics solution suite—TransUnion TruValidate. Formerly IDVision with iovation, TruValidate unites personal and digital data into one of the most comprehensive data identity platforms in the world. By integrating the TransUnion Synthetic Fraud Model into TruValidate, businesses are able to:
- Optimize new customer onboarding with a friction-right consumer experience
- Orchestrate their entire synthetic fraud strategy with a single point of implementation in concert with existing TransUnion credit and fraud solutions
- Make smarter decisions with the full context of a consumer credit profile, public record data, phone and email risk intelligence, and other identity data sources