U.S. lender exposure to synthetic identities is nearly $3 billion; Auto loans reach $1.8 billion representing more than 60% of total exposure to synthetic identities, according to an update from TransUnion (NYSE: TRU).
As origination volumes for some credit products slow, a new TransUnion analysis finds fraud risk is “continuing its upward trajectory as fraudsters employ increasingly sophisticated tactics to target lenders.”
TransUnion found that synthetic identity fraud continues “to be among the most prevalent, especially in the auto finance industry, with both incidences and lender exposure associated with such fraud reaching all-time highs.”
Synthetic fraud is the use of personally identifiable information (PII) “to fabricate a person or entity in order to commit a dishonest act for personal or financial gain.”
Based on proprietary insights from TransUnion’s global intelligence network, the analysis demonstrates “that while lender exposure to synthetic identity fraud remained relatively flat or even declined among some industries, the auto finance industry was a clear exception.”
In the first half of 2023, U.S. auto lenders saw “an increase in total synthetic identity exposure, reaching $1.8 billion.” This represents “a 38% rise year-over-year (YoY) and marks the second consecutive year of increased exposure in the auto finance industry.” These findings are based on the total credit amount “a synthetic identity has access to for U.S. auto loans, bank credit cards, retail credit cards and unsecured personal loans.”
Trade incidences and lender exposure associated “with synthetic identities are both at all-time highs, and auto finance is the driving force of that growth.”
Exposures associated with synthetic identities are significantly higher “for the auto finance industry than those we see for any other industry, and that margin is likely to grow as fraudsters continue to gravitate toward the industry that they perceive as the most profitable to them. Fraudsters secure their auto loans with a synthetic identity, and drive away with expensive, new vehicles, never to be seen again.”
In the first half of 2023, the retail and video gaming industries “saw the highest rates of suspected digital fraud globally at 10.6% and 7.0%, respectively, followed by telecommunications at 5.3%.”
Globally, insurance and logistics were “the industries with the lowest suspected digital fraud attempt rate in H1 2023. Among all industries, the suspected digital fraud rate stood at 5.3%, up from 4.5% one year ago.”
Naureen Ali, vice president of product management at TransUnion, said:
“When attempting to gauge the impact of digital fraud for any industry, fraud rates alone are an insufficient measure. It’s important to look at the industry’s overall size based on the total number of transactions, along with how much that industry is growing. This helps one develop a more holistic perspective on the impact of fraud on these industries, along with an idea of where the fraudsters may be focusing in the future.”
When looking at industries from a global digital transaction growth perspective, the gaming industry (online sports betting, poker, etc.) “stands out, showing a YoY increase in total transactions of 85.3%.”
When the consumer is located in the U.S. “during the transaction, gaming had the highest suspected digital fraud attempt rate in H1 2023 at 10.2%.”
However, the number of digital transactions coming “from the U.S. in that industry dropped when comparing H1 2022 to H1 2023 (down 18.5% YoY), potentially blunting the impact to an extent. And while insurance saw a 61.2% increase in U.S. digital transactions YoY, the suspected digital fraud rate remained relatively low at less than one percent.”
The analysis also examined the volume and severity of data breaches for the first half of 2023 and compared them “to previous years, using publicly available data analyzed by TransUnion’s TruEmpower.”
Results showed that primary breaches “increased 5% over the first half of 2023 as opposed to the same period in 2022.” This stands in comparison “to third-party breaches, in which a business network is attacked via third-party vendors or suppliers, which declined YoY in H1 2023.”
While a person’s name continues to be the most exposed individual credential, “a Social Security Number has passed date of birth as the second most often exposed individual credential in breaches in the first half of 2023.”
Social Security Numbers were “exposed in 69% of breaches, up from 60% last year.”
Driver’s licenses or other state identification information “were exposed in 31% in the first half of 2023, more than double last year’s 14% mark.” Checking or savings account numbers “also saw their exposure double year-over-year.”
TransUnion came to its conclusions primarily “based on intelligence from its identity and fraud product suite, TransUnion TruValidate, which helps secure trust across channels and delivers efficient consumer experiences.”
The rate or percentage of suspected digital fraud attempts reflect interactions in which TransUnion customers “were either denied in real time due to fraudulent indicators or were determined to be fraudulent after a manual review process—as compared to all transactions it assessed for fraud.”