(New York, NY): Synthetic identity fraud, a lesser-known form of identity theft, has emerged as a leading threat to the credit card industry – confounding lenders and placing millions of vulnerable consumers at risk.
Auriemma Group convened a special working session in October to promote industry collaboration on the issue, which is rapidly growing and notoriously difficult to track. The session brought together fraud prevention managers and government relations personnel from more than 20 leading credit card lenders, as well as Visa and MasterCard, the national credit reporting agencies, and industry trade associations.
The identity-based scheme exploits vulnerabilities in credit reporting and applicant verification: criminals combine real – often stolen – and fabricated information to create a new identity, open accounts, and gradually establish credit. Perpetrators may spend long periods of time – sometimes years – making fraudulent purchases before defaulting, wrecking their victims’ credit and leaving lenders with little recourse for collection and recovery. To avoid attention, fraudsters target populations that are less likely to use and monitor credit – including children and the elderly – although everyday cardholders may be equally unlikely to spot unauthorized charges.
“The conventional wisdom is that synthetic fraud is a victimless crime, unlike other fraud types where the true customer is the victim,” said Ira Goldman, Director of Auriemma’s Card Fraud Control Roundtable. “But those who have their Social Security numbers stolen can suffer serious financial harm that goes undetected for years, inflicting maximum damage.”
Estimates put the toll of synthetic fraud to businesses at billions of dollars annually, but total financial losses remain unknown. That’s because fraudsters “cashing out” behave like normal borrowers in default, making it virtually impossible to distinguish them from real customers. Unable to identify synthetic accounts, lenders often chalk up the resulting losses to credit risk rather than fraud – obscuring the true scope of the problem.
Solving for synthetic fraud will require close coordination between industry, law enforcement, and government officials. The Social Security Administration (SSA) currently bars the credit bureaus from validating applicant Social Security numbers against its records due to privacy concerns, and changes that agency made in 2011 to randomize issuance have exacerbated the challenge of detection. To make matters worse, the lending industry lacks common standards and countermeasures for identifying, reporting, and mitigating synthetics. While limited prevention techniques are being deployed, anti-fraud solutions that have reigned in other methods of attack have proven largely ineffective.
Participants at the October Auriemma session began working toward a series of shared goals: defining the problem at the industry level, openly exchanging risk mitigation tactics, and establishing viable long-term solutions. Interim steps include the use of analytics and consortium data to validate applicant identity, while longer-term solutions revolve around regulatory reform aimed at greater SSA involvement in applicant authentication. An initiative led by the credit reporting agencies will provide a partial solution within the next 18 months by generating more routine, systematic updates of applicants’ Social Security numbers and dates of birth.
In the meantime, synthetic fraud seems likely to get worse. As EMV chip cards and other protections shore up the physical point of sale, fraudsters are pivoting to new account fraud in growing numbers. A string of data breaches has exposed reams of personally identifiable information they can use to create synthetic identities.
“The industry will need to band together to identify effective solutions,” Goldman said, “as it has done to deal with more traditional fraud types. Auriemma will continue to monitor synthetic fraud, work with key stakeholders, and facilitate dialogue at the industry level.”
About Auriemma Fraud Control Roundtables
Auriemma runs a series of information sharing and benchmarking groups for executives and managers in fraud strategy, operations, and credit originations. Spanning credit card, debit card, consumer banking, and retail payments, Auriemma’s fraud control roundtables combine executive meetings, industry-leading operational benchmarking, and peer group surveys to help leading companies identify vulnerabilities and optimize fraud management strategies.