With recent data breaches and the associated flood of PII onto the dark web, synthetic identity fraud is easier to commit than ever. Credit card losses due to this fraud exceeded $800 million in the U.S. last year, says Julie Conroy, a research director at Aite Group. Perhaps more shocking is just how much of the fraud is going undetected, flying under the radar as credit write-offs.
"One of the challenging aspects of this is often it doesn't get recognized as fraud and gets written off as a credit loss; so understanding the scope of the problem has been a challenge," Conroy says in an interview with Information Security Media Group about Aite's latest research. "A number of institutions are starting to see fundamental shifts to things like their credit delinquency curves that are only explainable by synthetic identity fraud."
Migigating the risk of synthetic identity fraud is challenging, given that it's designed to look like a real person establishing a credit history. But Conroy suggests that a layered approach can be valuable.
"You can't really look at any one vector," she says. "It's a matter of layering analysis of the digital identity, analysis of how did this credit record get set up in the first place, and looking at how they are applying for and using credit."
In the interview (see audio link below photo), Conroy discusses:
- The difficulty in defining synthetic identity fraud;
- How this fraud is committed and its cost;
- Risk mitigation strategies.
As research director of Aite Group's retail banking and payments practice, Conroy covers fraud, data security and anti-money laundering issues. She has more than a decade of hands-on product management experience, working with financial institutions, payments processors and risk management companies