Identity theft continues to be the highest ranking consumer complaint, according to the Federal Trade Commission. With this in mind, Zoot Enterprises recently discussed the prevalence of identity theft and fabricated identities with Dr. Stephen Coggeshall, chief technology officer at ID Analytics.

Coggeshall provided an inside look at the many types of identity fraud and discussed strategies for lenders to address fraud from account opening through collections.

Identity theft has been less in the news during the past year. Has the actual incidence gone down?

Dr. Stephen Coggeshall: Absolutely not. According to the FTC, identity theft continues to be the highest ranking consumer complaint. Furthermore, certain modes of identity fraud continue to grow at alarming rates, for example tax identity fraud. In fact, tax refund fraud is the nation’s fastest-growing type of fraud.

Identity fraud takes several distinct forms including (1) lost/stolen credit card, (2) identity theft, (3) synthetic identity fraud and (4) identity manipulation. The first mode is stopped by examining unusual behavior at the account level and is relatively easily halted, generally without ongoing harm to the consumer. Because sensitive personal identifying information (PII) such as Social Security Numbers (SSN) and dates of birth aren't compromised, the victims can rectify the situation.

The second mode, classic identity theft, continues to cause substantial harm to a relatively small percentage of consumers. But when it does occur, it is a significant problem.

The third mode, synthetic, occurs when a fraudster invents and establishes a false identity complete with fabricated PII. Sometimes the invented SSN belongs to a real person who then causes harm to the rightful holder of that SSN.

In the fourth mode, only recently characterized as identity manipulation, a fraudster makes slight modifications to his own actual PII to avoid some of the checking processes in place. He might change a digit or two in his SSN or date of birth as a one-time or infrequent use rather than try to establish a stable, consistent synthetic identity. In our data, we’ve observed some identity manipulators using dozens of slight variations of their SSN, date of birth and various first or last names.
Many lenders report an increase in fabricated identities. How has this impacted the volume of stolen identities?

SC: ID Analytics sees an increase in the usage of synthetic and manipulated identities. Fraudsters use these identities for several purposes, including the establishment of a fictitious identity that can be misused later on as trust is built up around the identity.

On the other end of the spectrum, identity manipulation occurs when slight variations in credentials are used, perhaps only once, in an attempt to get a product or service that would be denied under the true credentials.

Many of these identity manipulators likely have the intention to pay for the service, but the default rates are substantially higher than average.

This phenomenon has increased as a result of bad economic conditions, when many consumers have had difficulty with credit behaviors and histories. In the fabrication of identities (synthetic and manipulation), the improper SSN being used frequently belongs to someone else, and that person’s history and reputation is adversely affected. Our data also shows the use of synthetic identities for general improper uses, such as money laundering or acquiring many cell phone accounts to be used in organized criminal activities.

Immediately after the crash, there was an increase in fraud activity. Has the volume returned to prior levels?

SC: Unfortunately, fraud activity continues to grow. Identity fraud seems to be a way of life for some family units, where we see parents and children manipulating and sharing their credentials. Fraud rates appear to be related to some economic indicators, with employment rates showing a stronger correlation.  

How can lenders be more effective at catching fraud during the account opening process?

SC: Effective tools exist to stop the majority of such fraud attempts. Identity fraud scores are much more effective than rule systems, which tend to be both brittle and complex to manage. We recommend using identity fraud scores, with different strategies based on the score range. For example, low scores, maybe 80% of the volume, pass through with no further checks. 

The remaining 20% may benefit from deeper tools like attributes, and some fraction of these may be routed to manual verification. Finally, a small fraction, less than 5% may be rejected outright in whatever proper way possible.

Some of the more sophisticated tools that can be used in these processes include

·     Fraud scores (likelihood that this application is a fraud)
·     Compliance flags (red, green or yellow using a variety of criteria)
·     Fraud attributes (e.g., number of SSNs seen at that address in the past 30 days)
·     Identity resolution (which unique person does this application claim to come from?)
·     Identity manipulation scores (extent that this person deliberately manipulates their PII across time and industries)
·     Identity manipulation attributes (e.g., number of SSNs used by this person).

Have you identified any signals that indicate fraudulent accounts before they default?

SC: The primary tools we build and deploy are used to prevent the booking of such fraudulent accounts, but some still do get through. We are now examining a process that looks for telltale triggers on existing accounts that can signal the account is likely to default, either from a traditional credit point of view or as a fraud. These effective triggers come from examining identity events surrounding the existing account.
How should collections teams treat fabricated and stolen accounts differently?

SC: It is clearly important to understand the nature of the account problem in collections.  Most obvious is the difference between a classic credit problem, where the consumer would like to pay but isn’t capable, as opposed to a fraud problem where the consumer never had any intention to pay.

Just as classic credit problems can fall into many categories, fraud also can be separated into categories and treatments differ by fraud mode. With classic identity theft, the consumer likely didn’t even know the account had been opened in his name, and will appropriately express surprise and concern. With synthetic identity fraud it may be difficult to find the real person behind the fictitious identity.

With synthetic and identity manipulation, an invented SSN will frequently overlap with an innocent consumer’s SSN, and this accidental victim will feel the same as an identity theft victim.

However, an important difference here is that the accidental victim of identity manipulation fraud is much less likely to be an ongoing victim since his SSN was chosen at chance, and will not be used with his name and date of birth, as it would be in true identity theft. In first-party fraud, the consumer has no intention of paying and may falsely claim the event to be an identity theft.

These examples show how important it is to classify the nature of the misuse in order to have efficient and intelligent collection strategies, as well as provide appropriate recommendations to consumer fraud victims.
How can you validate a consumer's claim that they are a victim of identity theft, versus perpetuating fraud?

SC: This isn’t easy, and it helps to be able to provide data and tools to the skilled fraud investigators who work at various businesses. The first step is a fraud score and reason codes - do we see the consumer’s identity associated with applications that score high for identity theft? Do the reason codes reinforce what we’re hearing from the consumer?

The next step is data visibility – what activity is going on around the PII of the consumer? Ideally we would want to see, not just what happened in one business, but across many businesses and industries.

For example, do we see normal activity at his address and then a one-time use of his name, SSN and date of birth at another address that itself has a lot of suspicious activity? That would be a clear signal of an identity theft. This data visibility can come from fraud attributes or other summarized data elements from a consortia-based fraud solution.

Finally, sophisticated analytic tools and scores exist to further understand the mode of unusualness around applications, helping to assess whether the consumer is a habitual identity manipulator, a previous victim, a made-up identity, or part of a known identity fraud ring. All these tools can provide visibility and aids that can be excellent tools for fraud investigators trying to sort through these difficult examinations.

Dr. Stephen Coggeshall is the chief technology officer for ID Analytics. He has more than 20 years experience leading scientists to build practical solutions to difficult business problems using advanced analytics.

Karen Gordon is the public relations manager for Zoot Enterprises, located in Bozeman, Mont. You can follow her on Twitter @karenrgordon.


Subscribe Now

Access to authoritative analysis and perspective and our data-driven report series.

14-Day Free Trial

No credit card required. Complete access to articles, breaking news and industry data.