siliconindia | | DECEMBER 20239What Cybercriminals UseGenerally, Cybercriminals like to use PII relating to people who have very less or no credit history so the banks have no pre-existing credit records on them because their applications have little chance to be flagged. As per Federal Reserve, Synthetic Identity Fraud is so sophisticated and success rate is very high, hence it is becoming one of the fastest-growing financial crime in the US and it is making its impact in India.As per data maintained by the National Crime Records Bureau, 3,466 and 3,353 cases of online frauds were registered in 2017 and 2018, respectively in India. According to TransUnion CIBIL's Fraud Trend 2018, there is a significant number of synthetic identity fraud in India also. In India as per industry data, Frauds due to applicants submitting fraudulent contact information have risen by three percent contributing to 18 percent of all detected frauds a Falsification of address proof is the most popular behavior seen amongst fraudsters.Synthetic Identity DetectionDetecting synthetic identities has been a major challenge for financial institutions because there is not a single definition or any industry standard to define the legitimacy of an identity. Banks are categorizing the financial losses tied to synthetic identity as 'bad debt' therefore it is difficult to consider a fraud timely. In the US, Synthetic identity fraud accounts for 10-15 percent of lender's losses each year. As per an estimate through Panacea Infosec industry observation there is 10-12 percent of credit card losses due to synthetic fraud In India also.By synthetic Identity, fraudsters present the fake Identities similar to real customers with limited credit history applying for an account therefore risk detection systems normally unable to identify. Along with this in most cases, there is no clearly identifiable victim and often goes unnoticed and unreported right up until fraudster makes the frauds. Normally banks identify synthetic identities very late.Although in India as per Information Technology Act 2000 Chapter IX Sec 66C identity theft is a punishable offense, the law says, "Whoever, fraudulently or dishonestly makes use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh". Many sophisticated technologies that help to detect other types of fraud are not useful in these types of fraud. Machine-learning techniques such as deep neural networks that find patterns associated with fraud are of little use because so few cases of synthetic ID fraud have been uncovered. Unsupervised machine-learning techniques that look for irregularities in data also struggle, because there are no clearly defined differences between real and synthetic IDs at the time of application.To detect synthetic IDs using third-party data can be useful. Data of real identities scatter in many data systems either physically or digitally and these data trails can't be fake. With deep data mining into the data trails, real identities leave behind can help financial institutions detect whether their customers are real or not. Along with this, a robust set of identity protection and fraud management capabilities that address fraud and identity challenges, including account openings and account takeovers protect banks or lenders curtail losses from this sophisticated crime of the new millennium. To detect synthetic IDs using third-party data can be useful. Data of real identities scatter in many data systems either physically or digitally and these data trails can't be fakeAjay KaushikFounder & CEO
< Page 8 | Page 10 >