The GiD Report #118 — The fastest growing cybercrime and what it tells us about the state of identity

GlobaliD
GlobaliD
Jul 14, 2020 · 4 min read

Welcome to The GiD Report, a weekly newsletter that covers GlobaliD team and partner news, market perspectives, and industry analysis. You can check out last week’s report here.

Here’s what we have this week:

  1. The Fed’s new report on synthetic identity payments fraud (and what that tell us about the state of identity)
  2. Stuff happens

1. The Fed’s new report on synthetic identity payments fraud (and what that tell us about the state of identity)

First off, Here’s a report that Greg contributed to from the Federal Reserve on synthetic identity payments fraud. We’ve talked about synthetic identity fraud in the past, and it continues to be a buzzy topic. Why? According to McKinsey, it’s the fastest growing cybercrime today.

Photo: Pixabay

It’s also the type of fraud that highlights exactly what’s wrong with the system today, hitting the U.S. particularly hard because of our outdated identity frameworks and our over-reliance on Social Security Numbers. 40 percent of synthetic IDs are just random SSN numbers with some real PII sprinkled in for good measure.

That’s compounded by all the data breaches in recent years (which are only growing), providing criminals with a growing pool of stolen PII. Siloed data only exacerbates the issue, making detection difficult. 95 percent of synthetic identities go undetected using current fraud models, according to the Fed.

Naturally for the Fed, it’s a big problem for most of the reasons that you’d expect:

Synthetic identities can be used to deceive government or corporate systems into thinking they are real people — creating far-reaching impacts on the U.S. financial system, healthcare industry, government entities and individual consumers. While synthetic identities are sometimes used without criminal intent, there are serious consequences when criminals use them to steal funds, escape detection or facilitate drug and human trafficking. They also have been linked to crime rings, including those that fund terrorism.

What’s more scary is that there’s going to be a huge delay between the rising growth we’re seeing now and the painful but delayed societal impact we’re going to experience down the road. Right now, there’s minimal detection, minimal investigation, minimal awareness, and minimal reporting.

Especially if you’re a kid:

According to the Child Identity Fraud Study conducted by Javelin Strategy & Research, more than a million children were victims of identity fraud in 2017. While this figure is not specific to synthetic identity payments fraud, it indicates the potential magnitude of risk to children, who are a favorite target for this type of fraud. Synthetic identity fraud can lie dormant for years, only being uncovered once individuals turn 18 and apply for their first car or student loans. Other consequences of synthetic identity fraud extend beyond payments fraud to include denial of disability benefits, rejection of tax returns and inaccuracies in health records.

And let’s just say — with the way things work now, trying to reclaim your identity once it’s been compromised is not fun.

The solutions aren’t easy either because the problem is systemic so any response needs to be comprehensive. For starters being able to digitally verify a SSN would be a step in the right direction. That initiative started last month. (Are you surprised that we weren’t able to do that?)

The other pillars, according to the Fed, have to do with regulations and data integrity.

And the more you read into the report and think about where things need to go, the more you start to realize that the world is eventually going to start to look a lot like what we’re building at GlobaliD:

  • Actually verified claims attached to your identity
  • A portable identity that you own/control
  • An identity that you can easily reclaim in the case of fraud
  • No more data silos — they’re easily hackable and make fraud prevention all but impossible

Not because it’s cool, or anything — even though it is. But because we pretty much have to. And with the current trend toward a more digital life only accelerating with everything going on, the stakes are only getting higher — along with the opportunity cost of not acting.

Anyway, I’ll leave you with this quote from David McCourt of Granahan McCourt Capital during an OWI identity panel last week:

When I started in the network company, the phone company owned your phone number. Young people now don’t even think about that. They used to own your handset. They owned the network, the service, the hardware, and the number.”

Spoiler alert (in narrator’s voice): They don’t anymore.

(FYI: OWI’s KNOW 2020 is now officially canceled.)

Related:

2. Stuff happens:

GlobaliD

Your identity, your data