What is Synthetic Identity Fraud?
Synthetic identity fraud occurs when bad actors use a combination of real and fictitious information to create new (synthetic) identities, which may be used to open accounts. In some instances, the synthetic identities are used to build good credit to qualify for high-limit credit cards and even mortgages (which at some point will go into default). According to Kolin Whitley, the senior director of North America Risk at Visa, minors are often a target for synthetic identity fraud because their credit histories do not yet exist, and their identities are largely not monitored. There are several consumer identity monitoring services available in the industry today that scour the Dark Web for potential identity thefts. To learn more about synthetic identity fraud, read the Federal Reserve’s white papers published to the Fed Payments Improvement website.
In order to help combat synthetic identity fraud, Electronic Consumer Based Social Security Number Verification, or eCBSV, is being developed as a result of section 215 of the Economic Growth, Regulatory Relief, and Consumer Protection Act, Public Law (PL) 115-174. Section 215 directs the Social Security Administration (SSA) to modify or develop a method of accepting identity data elements electronically, determining if the credentials are valid, and returning an affirmative or negative response.
Today, SSA provides a method for validating consumer identity, but the process requires sending a letter to SSA with a wet signature. This does not fit well in today’s digital world because it is inefficient and time consuming, which discourages usage. eCBSV will be electronic and will provide responses in real time or next to real time, allowing banks to use the service during account opening as opposed to after the fact.
According to Whitley, Visa already offers a mandated service which requires banks to submit identification details for all applicants. Visa analyzes the application data and returns alerts or flags if the information has been reported as false elsewhere. Visa may leverage this existing framework to connect to eCBSV, when it becomes available. Education is also a powerful key to fraud prevention. Visa educates banks about synthetic identify, and other types of fraud, and encourages banks to educate their customers.
On Sept. 6, 2019, SSA announced the first group of eCBSV participants called “permitted entities”. Over the coming months, SSA will develop the eCBSV framework, and this first group of permitted entities will go live June 2020. A second group of entities, those who applied for the first group but were not selected, will establish connection in the fall of 2020. The service is anticipated to be generally available late 2021, but that does not necessarily mean your bank has to wait to connect until then. Talk to your service providers to understand where they are on the implementation timeline. In the meantime, review your bank’s synthetic identity fraud prevention plan as related fraud is likely to rise in advance of eCBSV general availability.