What Is Synthetic Identity and How Does It Work?

Identity fraud represents a significant challenge in the financial landscape. While traditional identity theft typically involves stealing an individual’s existing credentials, synthetic identity fraud is a distinct and evolving form of deception. This sophisticated scheme creates an entirely new persona, presenting unique complexities for detection and prevention. Understanding this specific type of fraud is important for the general public, as it impacts the integrity of financial systems and can indirectly affect consumers through increased costs and tighter credit controls.

Understanding Synthetic Identity

A synthetic identity is a fabricated persona that combines real and fictitious information to create a seemingly legitimate individual who does not genuinely exist. Unlike traditional identity theft, which involves the direct compromise of an actual person’s established identity, synthetic identity fraud does not initially target an immediate individual victim. Instead, it constructs a composite identity from various data points.

The fabrication often includes a genuine Social Security Number (SSN) combined with a newly invented name, date of birth, and address. This unique blend of authentic and fabricated elements allows the synthetic identity to pass initial verification checks by financial institutions and credit reporting agencies. The fraudster’s objective is to establish a credible financial footprint for this non-existent individual over time. This approach allows the fabricated identity to accumulate a credit history and score, which can then be leveraged for fraudulent financial gains.

The absence of an immediate, identifiable victim makes synthetic identity fraud particularly challenging to detect in its early stages. There is no direct account takeover or sudden fraudulent transaction on a victim’s statement to trigger an alert. Instead, the process involves a slow build-up of credibility for a non-existent entity. This gradual development allows the synthetic identity to mature within financial systems, making it increasingly difficult to distinguish from a legitimate customer over time.

How Synthetic Identities are Constructed

The construction of a synthetic identity involves carefully assembling various pieces of information, both real and fictitious. A cornerstone of this fabrication often includes a legitimate Social Security Number (SSN), which may belong to a child, a deceased person, or an individual who has not yet established a credit history. These SSNs are frequently acquired through data breaches, social engineering, or other illicit means. Without a valid SSN, it is exceptionally difficult to establish the necessary credit profiles required for financial transactions.

Once a valid SSN is secured, fraudsters combine it with invented details such as a new first name, last name, date of birth, and mailing address. They may also create fictitious phone numbers and email addresses to complete the profile. The goal is to create a seemingly consistent and believable identity that can be used to open initial accounts. This initial phase often involves applying for low-limit credit products, such as department store credit cards or secured credit cards, which have less stringent approval criteria.

Fraudsters meticulously manage these initial accounts to build a positive credit history, making small purchases and consistently paying them off. This activity is reported to credit bureaus, gradually establishing a credit file and score for the synthetic identity. The process is often iterative, with fraudsters incrementally adding more fabricated personal information or slightly altering existing details to test the system. This careful cultivation allows the fabricated persona to appear increasingly legitimate to financial institutions over time.

How Synthetic Identities are Utilized

Once a synthetic identity has been successfully constructed and has begun to establish a credit history, fraudsters proceed to utilize it for financial gain. The initial phase typically involves applying for small credit lines, such as low-limit credit cards or retail store accounts, to further build credibility with credit reporting agencies. These accounts are often managed responsibly for several months, with small charges and timely payments, to artificially inflate the synthetic identity’s credit score. This disciplined approach helps the fabricated persona appear as a reliable borrower.

As the credit score improves, the fraudster systematically applies for larger lines of credit and loans, leveraging the established credit history. This can include applications for higher-limit credit cards, auto loans, personal loans, or even mortgages. The strategy is often referred to as a “bust-out” scheme, where the fraudster obtains the maximum amount of credit available across multiple accounts, then absconds with the funds without any intention of repayment. This rapid accumulation of debt followed by default is a hallmark of the scheme’s culmination.

The financial products targeted are diverse, ranging from consumer credit to more significant asset-backed loans. For instance, a synthetic identity might be used to finance a new vehicle, which is then quickly sold for cash, leaving the lender with a defaulted loan and a missing asset. Similarly, fraudsters may apply for multiple personal loans from different lenders simultaneously, maximizing the cash obtained before disappearing. The ultimate goal is to extract as much financial value as possible from the fabricated identity before it is detected and shut down.

Identifying Synthetic Identity Schemes

Identifying synthetic identity schemes presents unique challenges for financial institutions due to their hybrid nature. Unlike traditional identity theft, which often involves immediate red flags like unusual transactions on an existing account, synthetic identities are built slowly and appear to be legitimate customers. One key indicator is the rapid establishment of a credit profile with no prior history for the Social Security Number provided. This can manifest as a relatively new SSN (perhaps issued to a child) suddenly acquiring multiple credit accounts within a short period.

Inconsistent data across applications is another significant red flag. While a legitimate applicant might occasionally have a typo, synthetic identities often display persistent discrepancies, such as variations in the name associated with the SSN, different dates of birth, or multiple addresses reported across various credit applications. These subtle inconsistencies, when analyzed across a broader dataset, can reveal the fabricated nature of the identity. Financial institutions frequently employ advanced analytics and machine learning to detect these complex patterns that human review might miss.

Furthermore, a common pattern observed in synthetic identity fraud involves multiple accounts being linked to a single SSN but under different names or addresses. This indicates a fraudster using one legitimate SSN as a foundation for several distinct fabricated personas. Unusual application patterns, such as a high volume of credit applications in a short timeframe after a period of dormancy, or applications for diverse types of credit products (e.g., credit card, auto loan, and personal loan) almost simultaneously, can also signal a synthetic scheme. These anomalies deviate from typical consumer borrowing behavior and warrant closer scrutiny by fraud detection systems.

Citations:

Synthetic ID Fraud and the SSN. Federal Reserve.