Synthetic identity fraud is on the rise, TransUnion report shows
Synthetic identity fraud, which involves combining real and fake information to create new identities, is on the rise, according to a new report from the credit bureau TransUnion, which analyzed data breaches and fraud in the public sector over the past year.
According to the report published Wednesday, data breaches in the U.S. increased 15% year over year in 2023, with 54% of consumers across 18 countries and regions reportedly targeted in online, email, phone call or text messaging fraud attempts from September to December of last year.
The report found that data breaches, which often exposed consumers’ personal data, including Social Security numbers and driver’s license numbers, also led to an increased risk of fraud against government agencies, like business registrars, motor vehicle agencies, unemployment insurance programs and more, resulting in improper payments and potential loss of access to public benefits for rightful constituents through identity theft and synthetic identity fraud.
Jeffrey Huth, a senior vice president at TransUnion, said that synthetic identity fraud was the fastest growing form of fraud being perpetrated in 2024.
“I think that public sector agencies need to watch that because of things like artificial intelligence,” Huth told StateScoop in an interview. “I think it will become much easier and faster to create completely realistic-looking, fabricated identities, whether it’s building a financial profile, [or] a digital footprint.”
‘Fabricated individual’
Synthetic identity fraud is different than true identity fraud, which occurs when someone uses a real person’s identifying information to commit financial fraud. But synthetic identity fraud can be used in a similar way, such as opening fraudulent accounts, making purchases or receiving benefits or services from the government.
“A synthetic identity is a completely fabricated individual,” Huth said. “From a government’s perspective, number one, they’re going to be after tax information.”
Huth said TransUnion’s new report also shows that fraud involving the public sector can lead to legitimizing stolen and synthetic identities once they are successfully registered with a government agency. Fraudsters can then leverage verified identities in new schemes to extract benefits or services from the government.
“Anytime a benefit is granted, even a state-related benefit, there can be fraud attempts there, because someone may be receiving a benefit that they’re not entitled to from the state,” Huth said. “It may not be the same as stealing money from a tax return, but it’s still fraud. And it’s still people using taxpayer-funded benefits for nefarious purposes.”
Omnichannel verification
The push in recent years for government to make its digital services more accessible has led to more people interacting with government agencies across a variety of methods — websites, email, text messages, phone calls — which creates a multiple entry points for fraudsters to undermine.
The report encourages public sector agencies to be vigilant against attempts at synthetic identity fraud by practicing omnichannel verification, or vetting whether an individual is real or fake through multiple methods, including verbal, digital or even geographical.
Huth said state and local agencies must walk a fine line between security and accessibility.
“Knowing that the person is a real person, knowing that the channel that they’re coming in on whether it be a digital channel, or a phone channel, if they’re calling into a call center, just putting some of those protections in place to make sure that they’re real,” Huth said, “can also be done by making it a friction right experience, is what we refer to it as. And that is appointing the right level of resistance to prevent or mitigate fraud, but not making it so difficult for normal people to actually get what they need.”