Attacking synthetics – a real approach to uncovering potentially fake identities

by Scott Hamlin

Scott Hamlin

Over the last several years, we have discussed the issue of synthetic identity fraud extensively with our clients to gain a better understanding of how they view the problem, how it’s impacting their organizations, and what tools they are using to combat the problem. While each organization had a different perspective, one thing was clear – synthetic identities are a multi-faceted problem.

It has consistently been our theory that combatting the diversity of synthetic identities would require a robust defense strategy. This was the premise of the third installment of our ID:A Labs synthetic identity research.

But before I touch on the results, let me quickly highlight the first two installments of our three-part series:


  • In part two of our series we wanted to understand how often synthetic identities exhibit key traits (or symptoms); such as the use of randomized social security numbers (SSNs) or exploiting the credit piggybacking process. Here, as an example, we saw that less than 50% of suspected synthetics utilized the credit piggybacking process. To learn more read, All synthetic identities are not created equal: Examining purported synthetic signatures.


In our third installment we compared the effectiveness of ‘traditional’ vs. ‘symptom’ vs. ‘holistic’ solutions. For clarity, we define a traditional solution as one which evaluates third-party fraud or ability-to-pay. These are typical defenses deployed at account opening for evaluating fraud and credit risk. A symptom solution is one which evaluates a specific synthetic identity trait (e.g., randomized SSN or credit piggybacking), and a holistic solution is one which evaluates not one, but a wide variety of synthetic identity traits.

As evidenced by Figure 1, a holistic approach outperforms traditional and symptom solutions. To add context, the chart is set up as a base value of 100 and the performance of the traditional and holistic solutions are compared to the symptom-focused solution as a ratio – indicating that, while traditional solutions captured 40% of synthetics, and the symptom-focused solution showed significant improvement, the holistic solution was able to capture nearly 50% more than the symptom-focused synthetic solution.

synthetic identity solution comparison

Figure 1. Capture rates of various synthetic solutions

Clearly, a holistic defense strategy helps enterprises identify and protect against likely synthetic identities. If you would like to learn more about this study and gain full access to the results, read, Solving Synthetics: Holistically Attacking a Diverse Threat.

To close, I’d like to provide three takeaways:

      1. It’s clear that a majority of synthetic identities bypass ‘traditional’ defenses. Not surprisingly, because the patterns of behavior displayed by synthetics differ from those of identity thieves. To be more effective at identifying and protecting against this potential threat, it is important to use solutions which are purpose-built to address synthetic identities.
      2. Synthetic identities are not created equal. There are different types of synthetics, different ways in which they are established, and different ways in which they go bad (e.g., never-pay, bust-out, etc.). Using a solution which only targets specific traits will only help you solve a portion of this problem.
      3. To tackle synthetic identities head-on, your best bet is to take a holistic approach. Look for solutions which incorporate a wide array of synthetic identity traits. This will help you take real action against potentially fake identities.


Scott Hamlin is a Senior Product Marketing Manager at ID Analytics