CIOREVIEW >> Identity Governance and Administration >>

How Can Organizations Prepare For Synthetic Identity Fraud Attacks?

By CIOReview | Monday, December 9, 2019

Synthetic identity fraud attacks are soaring in organizations, and companies are now looking out for a better way to address this issue.

Fremont, CA: Many financial organizations and retailers are facing a severe crisis with the rise in technologies that help fraudsters to carry out attacks. One such attack is the synthetic identity fraud implemented by criminals who have created fictitious identities. However, many remain optimistic that initiatives like the Social Security Administration’s electronic Consent Based Social Security Number Verification service—the pilot program scheduled for June 2020—can disrupt fraudulent behaviour. It is designed to add efficiency to the process for verifying social security numbers directly with the government agency.

Fraudsters are spending a lot to build numerous tradelines, which are the credit accounts listed on a credit report. These fake identities can steal a large amount of money possible. It takes 12-18 months for fraudsters to create and nurture a synthetic identity before attempting to build a credit history to max out all available credit and eventually disappearing.

For example, organized crime may be sitting on a large pool of “developed” synthetic identities. These synthetic identities have an expiration date: June 2020. It is expected that some organized crime rings may increase their volume of synthetic identity fraud attacks in the forthcoming months. Before the Social Security Administration's pilot program comes into action, financial institutions and other organizations can face the synthetic identity fraud attack by a multilayered approach. The multilayered approach relies on advanced data, analytics, and technology that focus on identity.

Most organizations rely solely on demographic information and snapshots in time to confirm the legitimacy of an identity. However, this method is no longer appreciated, and organizations should think beyond these capabilities. With synthetic identity, a seemingly legitimate identity detects risk only if it can analyze its connections and relationships with other individuals and characteristics. Thus, advanced analytics, including machine learning and innovative technology, like device intelligence and behavioral biometrics, can enable organizations to detect patterns and anomalies that indicate potentially fraudulent behavior.

After the detection of potentially fraudulent behavior, organizations should deploy secondary identity checks before making decisions like one-time passcodes or remote document verification. Also, organizations can adopt proper identity management practices. Employing advanced data and innovative technology will allow organizations to easily identify abnormal behavior while recognizing legitimate customers from “fake” ones.