To Combat Synthetic Fraud, Move Away From Traditional Fraud Models

Jul. 25, 2019 | by BioCatch

The Federal Reserve recently released a white paper on synthetic identity fraud, highlighting once again the vexing threat this trend poses to the payments industry and our economy on the whole. According to AboutFraud.com: “Synthetic fraud is the fastest growing form of identity theft in the U.S., comprising 80% of all new account fraud and 20% of all credit card losses.” 

The root cause? According to the Federal Reserve, 85-95% of applicants identified as synthetic identities are not flagged by traditional fraud models.

Chasing Ghosts with Traditional Fraud Models

There are multiple ways that synthetic identity theft takes place. For the most part, they involve either piggybacking on a real, but inactive, identification number (like from a child) and combining it with a fake name, or creating a totally new identity and using it to build a credit file over time. The problem exposes the weaknesses of the credit system in the U.S., but it is not limited to any one country. Bulgaria’s admission that the personal taxation records of 5 million out of its 7 million citizens were stolen in a hack highlights yet again the urgent need to redefine digital identity on a global level.

Many of the traditional providers are building algorithms and databases based on monitoring activity on the dark web, including what identity elements are being circulated and what elements (such as names and social security numbers) are being used inconsistently or with unusually high frequency. Age of a credit file and device intelligence are heavily relied on to map access points of fraudulent activity.

This approach will never work, as it essentially is chasing ghosts. Trying to figure out what is a real identity and what is a synthetic identity using a variety of static measures is futile, because fraudsters are dynamic – using different combinations of data, masking devices, and IP addresses and leveraging sophisticated social engineering techniques.

Behavioral Biometrics Provides A New Layer of Visibility

By analyzing how information is entered as opposed to the accuracy of the data itself, it is possible to pick up on behavioral signals that point to the use of synthetic identity in the online application process. As shown in the table below, fraudsters exhibit behaviors that are very different from legitimate users; this is true in the case of using both stolen and synthetic identity in the online application process. 

Behavior

Fraudster

Legitimate User

Application Fluency

How well do they know the online application?

High

Low

Computer Proficiency

Do they use advanced shortcuts and other techniques to speed the process?

High

Low

Data Familiarity

Are they using short term or long-term memory?

Low

High

How do we know it works? This credit card issuer attributes the addition of behavioral biometrics to their fraud stack to increasing detection rate to above 90%. As a standalone tool, behavioral biometrics delivers an 80% fraud detection rate with almost no false positives. Many other issuers, insurers, digital banks and enterprises capturing online applications have experienced the same. With a 10x-15x ROI according to customer provided estimates, BioCatch is becoming a staple in preventing new account fraud.

The U.S. payments system is moving towards real-time payments, advanced P2P models like Zelle are advancing in adoption, digital interactions are taking shape in all aspects of our economy, and government interactions and understanding who someone is online is an imperative to ensure trust and mitigate further losses. Behavioral biometrics is the new frontier.

Learn more about our solution for identity proofing.

Topics: Digital Identity