All blog articles
Business August 21, 2025

What is synthetic identity fraud? How it works and how to prevent it

profile picture Sofi Summers 8 min read
Synthetic identity fraud is committed by the theft of a real piece of persoanl information such as an SSN, and combined with false information to make up an entirely synthetic identity that often bypasses traditional checks

What is synthetic identity fraud?

Synthetic identities are fake identities, built by combining real and made-up information, earning them the nickname “Frankenstein IDs” due to their pieced-together nature.

Synthetic identity fraud is different to traditional identity fraud as it doesn’t involve an obvious, immediate consumer victim. These fake profiles are designed to mimic real customers, often slipping past traditional fraud detection systems because they don’t raise typical red flags. As a result, the primary victims of synthetic identity fraud are businesses and lenders, who bear the financial losses.

 

How synthetic identities are created and used

Fraudsters combine real data, such as a Social Security number (SSN), often stolen from vulnerable populations such as children, people experiencing homelessness or deceased individuals, and combine it with false names and addresses.

The identities are then grown over time by establishing credit histories and building positive credit profiles. Once creditworthiness is established, the fraudsters then max out loans and lines of credit, before disappearing into the night. This is known as ‘bust-out fraud’.

This lengthy process of securing access to increasing amounts of credit over a prolonged period is a hallmark of synthetic identity fraud.

 

The financial and reputational impact on businesses and consumers

For businesses targeted by synthetic identity fraud, the main impacts include:

  • Billions in financial losses annually: some estimates reach over $6 billion.
  • Increased operational costs: millions of hours are spent chasing non-existent individuals who have defaulted on the debts.
  • Misclassification of defaults: due to an absence of obvious signs of fraud, these defaults are often not recognised as criminal activity.

While businesses bear the immediate financial losses associated with synthetic identity fraud, it is not without a consumer victim. People whose SSNs are used to create synthetic identities can suffer long-term and often long-undetected damage to their credit histories.

For example, a child’s credit can be destroyed long before they ever need to access it. Victims often face a lengthy, time-consuming and stressful cleanup process to prove they are not responsible for the fraud.

 

How businesses can identify synthetic identities in their systems

Research by LexisNexis suggests that traditional fraud tools fail to detect 85% of synthetic identity fraud cases.

Some key red flags that may indicate a synthetic identity include:

  1. An unusually high volume of credit applications in a short time: These might be for small credit products like store cards, phone contracts or “buy now, pay later” plans. Fraudsters do this to try and quickly build credit.
  2. Missing signs of real-life activity: The individual doesn’t show up in places you’d expect a genuine person to. There’s no school or employment history, no voter registration records, no utility bills and no record of address changes.
  3. Shared contact details across multiple identities: Fraudsters often reuse the same email addresses or phone numbers when managing several fake profiles.
  4. Static personal information: Real users typically update their details over time. In contrast, for synthetic identities, details such as home addresses, emails or employment histories rarely change over time. 99% of synthetic identities remain unchanged over 2 years.

 

Detect and prevent synthetic identities in your onboarding process

To effectively spot synthetic identities during onboarding, businesses need to go beyond standard AML, KYC and CDD checks. Strengthening your fraud screening process with additional layers of verification can help uncover these hard-to-detect profiles before they gain access.

Move beyond basic credit checks

SSN and basic credit checks are no longer enough to verify identity, especially when it comes to detecting synthetic fraud. Fraudsters’ use of real, valid SSNs paired with fabricated personal details means that these combinations can pass basic checks and build legitimate-looking credit histories over time. Synthetic identities can often slip through this traditional, single-data point system of verification undetected.

Employ advanced document verification

Advanced document authenticity checks are designed to detect abnormalities or signs of tampering in the submitted identity documents, to help ensure you are dealing with a real identity document. Yoti’s identity verification service performs AI-led authenticity checks and, if required, you can also leverage our team of over 200 verification experts to manually assess documents.

Use biometric authentication to strengthen identity verification

It is important to ensure the person’s face matches the photo on their identity document. This can be done using a combination of face matching technology and expert human reviewers (such as Super Recognisers) for more complex cases.

For extra assurance, you should include liveness detection checks for anti-spoofing alongside protection against deepfakes and generative AI attacks.

Importantly, fraudsters are extremely reluctant to tie their real biometrics, such as their face or fingerprint, to fake profiles. This makes biometric verification a powerful tool – not only for detecting and preventing fraudulent attempts, but also as a strong deterrent against targeting your business in the first place.

Use database and third party checks

Verifying applicant data against trusted sources can help reveal common red flags in synthetic identity fraud. This includes screening for matches on financial crime and sanctions watchlists, as well as checking for death indicators or discrepancies in government-held records.

In the US, businesses can also use the Electronic Consent Based SSN Verification (eCBSV) system to confirm that an SSN, name and date of birth combination matches official Social Security Administration records.

Beyond this, participating in anonymised industry-wide data sharing can be highly effective in monitoring and tackling the problem at large. By pooling insights across organisations, businesses can identify suspicious behaviour patterns and anomalies that may not be visible in isolation. These broader intelligence networks are a powerful tool for keeping up with the evolving tactics used for synthetic identity fraud.

Perform network analysis

Look for signs of organic identity development that suggest you are dealing with a real person, such as a consistent digital footprint, social media presence or connections to other verified individuals. Synthetic identities often lack these signs and appear isolated or disconnected.

 

How consumers can protect themselves from synthetic identity fraud

While businesses bear the bulk of the financial burden, individuals can still suffer long-term damage from synthetic identity fraud. It is essential to take proactive steps to protect your personal information and remain vigilant for any suspicious activity.

  1. Be highly protective of your personal information: Treat sensitive data, such as your SSN, passport number or national ID, as high-value assets. Only share them with trusted organisations, and never in response to unsolicited emails, messages or phone calls.
  2. Monitor your credit reports regularly: Regularly check your credit records with major credit reference agencies (such as Experian, Equifax and Transunion) for any unusual activity or credit applications that weren’t made by you. Most agencies offer tools that send alerts when there are changes to your report, helping you react quickly to potential fraud.
  3. Report suspicious activity immediately: If you see any unfamiliar accounts, credit checks or correspondence that doesn’t make sense, act quickly. In the UK, report it to Action Fraud. In the US, contact the Federal Trade Commission. The sooner fraud is reported, the easier it is to limit the damage.
  4. Take extra steps to protect your children’s identities: Children’s identities are particularly valuable to fraudsters because they often remain unused for years, giving synthetic identities time to grow undetected. Some countries allow you to freeze a child’s credit file to prevent new accounts from being opened in their name. Check with your local credit agencies or government websites to see what options are available in your region.

Understanding the risks is your first line of defence. Take time to learn about identity theft and how to stay safe online, and follow trusted sources for guidance on the latest threats and best practices.

 

Closing the gaps in identity verification to tackle synthetic identity fraud

Synthetic identity fraud comes at a high cost to businesses. Its stealthy nature and reliance on fragmented or fabricated information make it challenging to detect using outdated verification processes.

To close the gaps, businesses must adopt a layered, intelligence-led approach. This means combining biometric checks, advanced document analysis and shared data insights to build a more comprehensive picture of identity that cannot be easily mimicked. At the same time, consumers need support and education to protect their personal information and recognise warning signs early.

Tackling synthetic identity fraud is a critical step toward building trust, reducing risk and staying one step ahead of sophisticated fraud.

To learn more about how Yoti can help you protect your business from synthetic identities and other sophisticated fraud, please get in touch.

Want to read more like this?

Signup for our newsletter

Keep reading

One phone scanning the qr code on the screen of another
Articles February 26, 2026

Digital ID for proof of age is coming. Here’s how to check it properly.

Millions of people are already using digital IDs to prove their age and identity, share their verified details with others or take more control over their personal data, all without needing a physical document.  Soon, they’ll also be able to use them as proof of age when buying alcohol in licensed premises in the UK (once the mandatory licensing conditions are updated). This includes pubs, bars, restaurants, nightclubs and supermarkets. That’s a big shift in how age-restricted sales work and it’s why having a fast, reliable and low-friction way to check IDs matters for your business.    How businesses

#digital id #business
Amba Karsondas Amba Karsondas
8 min read
person using phone
Articles February 26, 2026

Updates to the UK MLRs have just changed the game for digital identity

For years, the UK has talked about digital identity as the key to faster onboarding, reduced fraud, better customer experiences, and stronger compliance. And yet, in much of regulated industry, the day-to-day reality has barely shifted. Why? Because compliance culture doesn’t move on optimism. It moves on defensible certainty. Until now, most compliance officers have been understandably risk-averse. Not because they dislike digital identity, but because they know what happens when a control fails: remediation programmes, supervisory challenge, awkward audit findings and reputational consequences.  Even when the Joint Money Laundering Steering Group (JMLSG) referenced digital identity in June 2020,

#digital id #business
Julie Dawson Julie Dawson
8 min read
An image showing that Yoti is certified as an Identity Service Provider (IDSP), Attribute Service Provider (ASP), Orchestration Service Provider (OSP) and Holding Service Provider (HSP).
Articles February 23, 2026

More ways to use and accept Digital IDs in the UK

We’ve hit an important milestone in our journey to make our trusted and accessible digital IDs easier to use in the UK.  Yoti has achieved Gamma (v0.4) certification under the UK Digital Identity and Attributes Trust Framework (UKDIATF). In practice, that means we’re now certified across four key roles: Identity Service Provider (IDSP) Attribute Service Provider (ASP) Holding Service Provider (HSP) Orchestration Service Provider (OSP) It confirms that Yoti meets the UK Government’s highest standards for secure, trusted digital identity services. It also means that we’re ready to support everyday use cases, like accessing age-restricted services and buying alcohol,

#digital id #business
Yoti Yoti
6 min read