Banks have long relied on a familiar playbook: flag stolen identities, freeze hacked accounts, and move on. The belief was simple: if you can stop identity theft and account takeovers, you are safe from whatever fraudsters try next.
But what happens when the "customer" applying for credit or building a spotless payment history never actually existed? That is the reality of synthetic identity fraud. Instead of stealing identities, criminals create entirely new ones from a mix of real and fake information.
In this article, we will break down how synthetic identity fraud works and outline what financial institutions can do to finally turn the tables on this fast-rising threat.
Key takeaways:
- Synthetic identity fraud is not traditional identity theft: Unlike stolen IDs or account takeovers, synthetics are made-up personas built from real and fake data. They look legitimate, build credit histories, and can stay undetected for years before fraudsters cash out.
- The threat is rising fast: Synthetic identity fraud already accounts for about 80% of new account fraud, with projected losses reaching $23 billion by 2030. Nearly 95% of synthetic identities go unnoticed during onboarding, making them one of the biggest risks banks face in 2025.
- Fraudsters exploit weak points in the system: Criminals often use children's or unused SSNs, then slowly grow fake credit profiles before "busting out." Because no direct victim complains, these identities slip past legacy fraud defenses.
- Banks must upgrade detection strategies: Stronger onboarding checks, real-time transaction scoring, consortium data sharing, and AI-powered analytics are essential to spot red flags like mismatched identities, rapid credit build-up, and suspicious digital footprints.
What is synthetic identity fraud (SIF)?
Synthetic identity fraud involves fabricating a new identity by combining real and fake personal data, then using that "person" to commit fraud.
In other words, criminals piece together bits of real information (like a legitimate Social Security number) with fictitious names, birthdays, and other details to create a "Frankenstein" identity that isn't tied to any one real individual.
According to the National Institute of Standards and Technology (NIST), synthetic identity fraud is "the use of a combination of personal information to fabricate a person or entity to commit a dishonest act for personal or financial gain." These synthetic personas often have just enough authentic data to pass cursory ID checks, even though the identity itself is fake.
How is SIF different from traditional identity fraud?
Imagine a customer who pays every bill on time for two years. Their credit looks spotless, their account activity looks normal, and nothing raises a red flag. Then one day, they max out every loan and credit line and vanish.
Synthetic identity fraud differs from classic identity theft, where a criminal hijacks a real person's Social Security number and entire profile, or account takeover fraud, where someone breaks into an existing account with stolen passwords. Instead, synthetic fraudsters create a brand-new identity from scratch.
In bank systems, the contrast is clear. Identity theft triggers alerts when details don't match or the victim speaks up. Account takeovers stand out through odd logins or sudden spending.
Fraudsters build synthetic identities to look normal, giving them realistic profiles and even clean credit histories. These fake customers blend in for months, sometimes years, before the fraudster finally "busts out."
Synthetic identity fraud by the numbers: Why it's a growing threat
Synthetic identity fraud has shifted from being an emerging issue to one of the most pressing challenges in banking. The latest numbers show just how quickly it is spreading and why it demands urgent attention:
- Fastest-growing form of new-account fraud: Synthetic identity fraud now accounts for about 80% of all new account fraud. Analysts project synthetic identity fraud will generate at least $23 billion in losses by 2030.
- Year-over-year surge in detection: U.S. lenders faced approximately $3.3 billion in potential synthetic identity losses across credit cards, auto loans, personal loans, and retail cards by the end of 2024 - up around 3% from the end of 2023 and the highest level on record.
- Escalating concern among banks: A survey found 40% of banks fear synthetic identity fraud is one of their biggest threats in 2025, particularly because 95% of synthetic identities go undetected during onboarding.
How fraudsters create and use synthetic identities
Building a synthetic identity is surprisingly easy in today's data-saturated world.
Fraudsters often start with a real Social Security number, usually from vulnerable groups like children or seniors who are unlikely to have an active credit file.
A child's SSN is especially valuable because it is valid but not tied to existing credit history, allowing criminals to attach any name, birthdate, and address without contradiction.
These numbers are bought on the dark web, pulled from breaches, or even generated randomly after the Social Security Administration began issuing numbers in non-sequential order in 2011.
Once they have an SSN, fraudsters layer on fake details to create a new persona.
For example, a fraudster can take the SSN of a five-year-old child and use it to make a 30-year-old adult with a different name and an address they control. This fabricated identity is sometimes marketed illegally as a "credit profile number" or CPN.
The fraud usually unfolds in three phases:
1. Seeding and cultivating the identity
The goal is to convince banks and credit bureaus that the synthetic person is real. Fraudsters may apply for small credit cards or phone plans, piggyback as an authorized user on an existing account, and slowly build a credit file. They pay bills on time, keep balances low, and maintain consistent details, carefully "fattening up" the identity until it looks trustworthy.
2. Bust-out and cashing in
Once the fake identity has strong credit, the fraudster applies for bigger loans, higher card limits, and new accounts. Banks approve them based on their positive history. Then the fraudster maxes out every line, drains funds, and disappears.
3. Scaling up with multiple identities
Skilled criminals repeat the process with dozens of synthetics at once, treating it like a long-term operation. They continuously grow and cash out these identities, turning synthetic fraud into one of the most damaging financial crimes facing banks today.
Red flags and behavioral signals of synthetic identity fraud
Spotting a synthetic identity is like piecing together a puzzle. No single clue proves fraud, but a combination of signals can reveal patterns that don't add up.
Here are the most important red flags banks should monitor:
- Age vs. credit history: If a customer's stated age doesn't match their credit file, something may be wrong. For example, a 40-year-old with only a one-year credit history or a 20-year-old with 15 years of reported activity could indicate a synthetic profile.
- Suspicious SSNs: Fraudsters often use SSNs that are unassigned, recently issued, or duplicated across multiple applications. Even though SSN randomization after 2011 makes some checks less reliable, inconsistencies still stand out.
- Rapid credit build-up: Many synthetic identities start with no file and then suddenly add multiple trade lines in a short period. Fraudsters might piggyback on legitimate accounts or open small lines of credit to create history.
- Unusual contact details: Look closely at emails and phone numbers. Accounts tied to recently created emails, disposable domains, or VoIP numbers without geographic ties often suggest synthetics. Real customers typically leave a longer digital footprint through consistent contact details.
- Problematic addresses: Multiple unrelated applicants using the same address should raise suspicions. Fraudsters often rely on forwarding services, mailbox rental stores, or small apartments linked to dozens of accounts.
- Shared data across accounts: One of the strongest red flags appears when different identities share the same contact or device. If several "customers" list the same phone number, email, IP, or emergency contact, they may all trace back to a single fraudster.
- Transaction behavior: Synthetic identities usually behave like regular customers until the "bust out." Watch for accounts that remain quiet and suddenly receive large deposits or max out credit limits after a period of low activity.
- Identity mismatches: Details that don't align across databases are another tell. A real person usually shows up in multiple places, such as DMV records, utilities, or property databases. If an identity exists only in credit data and nowhere else, it's likely synthetic.
How banks can detect synthetic identity fraud in 2025
Confronting synthetic identity fraud in 2025 calls for a multi-faceted, technology-driven strategy.
Here's how your financial institution can detect and prevent synthetic identity fraud, using the latest best practices and tools:
1. Strengthen identity verification at onboarding
The battle against synthetic fraud starts the moment a new customer applies for an account. Banks should implement improved identity proofing measures that go beyond basic document checks:
- Document and biometric verification: Banks can use tools that scan IDs for holograms, fonts, and barcodes, then match them against a live selfie with liveness detection, rather than accepting a driver's license photo at face value.
- Cross-checking against trusted data: A real identity leaves traces across multiple databases. By checking details like name, SSN, and date of birth against credit bureaus, public records, and utilities, banks can confirm if the applicant actually exists.
- Layered proofing: Adding extra verification steps, such as one-time passcodes tied to phone numbers, device fingerprinting, or geo-location checks, raises the barrier even higher.
Takeaway: Adopting such technology upfront stops fraud at the gate, where it's cheapest to handle, far better than writing off losses later.
2. Monitor and score transactions in real-time
Once accounts are open, continuous vigilance is fundamental.
Real-time fraud scoring on transactions and account behaviors can catch telltale signs of synthetic activity at the moment they occur, allowing the bank to intervene:
- AI-powered scoring: Rule-based systems miss too much. Machine learning models analyze every transaction in real-time, scoring risk based on behavior, location, device, and history. For example, the system can instantly stop a large transfer from a dormant account at 3 AM.
- Behavioral analytics: Real customers have consistent spending and login habits. Synthetics often behave differently, especially during cash-out phases. Banks can analyze patterns like typing speed, mouse movement, or copy-paste behavior to spot inconsistencies that suggest fraud.
- Immediate funds with risk checks: Particularly for deposit accounts, offering services like instant funds availability can attract customers but also invite abuse (fraudsters love to deposit bad checks and withdraw cash before they bounce). A best practice is to integrate real-time risk scoring into funds availability decisions.
VALID solution:
VALID Systems' InstantFUNDS and CheckDetect solutions assess the risk of check deposits in real-time with AI models, make 99% of deposits available instantly, and flag the riskiest 1% for manual review.
By scoring attributes of the check (account history, maker/payee data, deposit behavior) and the customer's identity, the system can withhold funds on suspect deposits.
In the context of synthetic fraud, this means that if a synthetic identity tries to quickly deposit a counterfeit check or multiple large checks (a common scheme to monetize a synthetic account), the bank's system will catch the anomaly and pause the transaction.
3. Share intelligence across banks and consortia
No bank is an island in the fight against synthetics. Fraudsters often target multiple institutions, rotating their synthetic personas or hitting several banks simultaneously to maximize the payout.
This makes a strong case for consortium-based defenses:
- Shared databases: Banks can pool confirmed fraud profiles (like SSNs, addresses, or device IDs) into industry watchlists. If a synthetic tries at one bank, others get the warning before losses occur.
- Link analysis across institutions: Consortium intelligence is about link analysis on a grand scale. The Federal Reserve's toolkit highlights that a "link analysis of data attributes across products and channels" greatly aids in identifying synthetics who reuse elements.
- Consortium-based scoring: Some modern solutions provide a consortium score - a risk score for an identity based on aggregated data from many sources. For example, a synthetic identity might have a high fraud risk score because other members of the consortium have reported suspicious activity on elements of that identity.
4. Leverage AI and machine learning for deeper analytics
We've touched on AI in the context of transaction scoring, but its application is broader.
Artificial intelligence and machine learning are game-changers for identifying patterns that signify synthetic identities, often far earlier than rule-based systems or human intuition would.
Here's how banks leverage AI and machine learning:
- Identity analytics: Machine learning compares applicant data to known good and known fraudulent profiles. Real people usually leave deep footprints - multiple addresses, long-term phone numbers, property, or DMV records. Synthetics don't. AI can score the "depth" of an identity and flag shallow ones.
- Graph analysis: Fraud rings often recycle the exact phone numbers, IP addresses, or devices. Graph-based AI can visualize these relationships, exposing clusters of fake accounts.
- Continuous updates: Every confirmed fraud case can feed back into the model, improving its accuracy and reducing false positives over time.
5. Connect red flags across channels and the customer lifecycle
Synthetic identity fraud doesn't always announce itself in one place. Therefore, banks should adopt a holistic, 360-degree view of customers:
- Cross-channel integration: A synthetic may open an account online, call the contact center to change details, and then walk into a branch to cash out. Siloed systems fail to connect these red flags. Unified monitoring links all channels for a 360-degree view.
- Lifecycle checks: Synthetic accounts can "sleep" for years before cashing out. Regular reviews help banks reassess whether a customer still looks real.
- Credit and fraud team collaboration: Many synthetic accounts get written off as bad debt. By reviewing charge-offs for fraud patterns, banks can improve models and reduce misclassification.
How VALID Systems' solutions tackle synthetic fraud
VALID Systems partners with U.S. banks and credit unions, combining real-time analytics, shared intelligence, and AI to unmask synthetic identities.
Here are the VALID key solutions for preventing synthetic identity fraud:
- Consortium intelligence (VALID Edge): VALID Edge aggregates data from 400 million accounts and $4 trillion in transactions. If a synthetic shows up at one bank, the network alerts others, blocking the same SSN, device, or email. This crowdsourced defense closes the silo gap and makes it harder for fraudsters to hide.
- Real-time transaction scoring (CheckDetect and InstantFUNDS): Synthetic identities often exploit check deposits. VALID's tools score every deposit in real-time, clearing 99% instantly and flagging the riskiest 1% or less for review.
- Adaptive AI models: VALID's AI models learn continuously from fraud cases across banks. When one institution identifies new tactics, the models adjust to benefit all clients, thereby improving detection speed and reducing false positives.
- Multi-channel integration: VALID integrates fraud defenses across deposits, lending, and account openings through cloud-based APIs. The system can stop a synthetic flagged at onboarding if it later tries to exploit lending or deposit channels.
How prepared is your institution for synthetic identity fraud?
Partner with VALID Systems to detect high-risk accounts early and protect your customers with confidence.