Synthetic identity theft is a type of fraud in which a criminal combines real and fake information to create a new identity. This synthetic identity is used to open fraudulent accounts and make fraudulent purchases. Fraudsters can use multiple identities simultaneously, and may even keep accounts open and active for months—even years—before the fraud is even detected.
Synthetic identity theft is now one of the most common types of identity fraud, resulting in huge losses for consumers and financial institutions. According to a report from the Federal Reserve, it is the fastest growing financial crime in the United States costing lenders $6 billion in 2016.
Our digital identities comprise an interconnected trail of breadcrumbs spread across disconnected accounts, social networks, loyalty point programs, and library cards. In an ideal world, all of these pieces of data would connect perfectly into a rigid and robust structure: the physical address on our phone account would match exactly that on our credit history and so on. Changes to any node would break these connections, making unsanctioned changes self-evident like a sort of multidimensional BlockChain.
In reality, the different elements of our digital identities are not perfectly correlated: when we get a new cell phone but neglect to update our membership record at the racquetball club, or use our parents mailing address for packages. It is these fault planes that fraudsters exploit to create synthetic identities. They may apply for credit using all of your details except for a new mailing address to which a new card will be mailed. The federal agency’s switch to randomized Social Security, uncorrelated to date of birth, makes it easier to create synthetic identities using numbers assigned to newborns.
If identity verification demanded strong bonds between identity molecules, no one would ever be approved for credit. However by taking a step back and considering local connections as a whole, relative to a much larger cohort, identifiable patterns emerge where weak correlations start to look less like poor data hygiene and more like a structures attempt to circumvent the rules. This is a task well suited to machine learning and artificial intelligence methods which can pick up on the most subtle signals in the haystack of data, learning from past mistakes and getting smarter with each iteration.
Fraud detection and prevention is an arms race between good honest folk and those that would abuse their identities for monkey business. Attacks mutate in response to new protection measures so detection methods must be updated continuously in response, learning automatically from new data. With machine learning and AI algorithms, our robot defenders are tireless and eternally vigilant, learning from every misstep and fending off wave after wave of simian aggression.