Evolutions In Identity Theft May Bypass Fraud Prevention Checks

Imagine a world where you can’t trust anything you see. Your business may have a genuine customer with a genuine date of birth, but everything else you ask them to provide is generated via AI.

How can your business determine the real data from the fake?

Why is identity theft becoming harder to detect?

You might believe that your database has up-to-date, verified customer information, such as names, dates of birth, addresses, and ID documents.

But how do you know if any of the information is real?

With criminals now using a mix of real and fabricated information, they can create identities that appear completely genuine during onboarding but are untraceable later.

By understanding two of the evasion tactics used, you can gain deeper insight into why they’re becoming harder to detect.

1. Synthetic identity

Synthetic identities are a combination of real and fabricated information. These combinations create completely new identities that do not exist in real life.

For example, a combination of the following could be used:

  • A legitimate National Insurance Number

  • A real name

  • A fake date of birth

  • AI-generated identity documents

  • Temporary email address and phone number

  • The address of a short-term rented flat

Because there is a mix of real and fabricated information that may not be tied to a single real victim, it is possible to bypass verification.

2. Deepfakes and AI-generated documents

How often have you seen something either online or televised and wondered whether it’s real or AI-Generated?

Sometimes it’s obvious, other times you need to really concentrate to see rogue elements.

If you’re not expecting AI-generated fake documents, cloned voices, or manipulated biometric images/videos, are you actually looking for them?

How ongoing monitoring can help your business

Many businesses still believe that compliance is a one-time onboarding issue and that once a client has been accepted and verified, they can do as much business as they want with them.

However, that’s not the case. A client’s risk is constantly changing.

  • Transaction patterns may change over time

  • The customer now appears on a sanctions list, whereas they didn’t before

  • Credentials stolen today may be used next year, rather than instantly

Ongoing monitoring allows a business to reassess a client’s risk throughout the business relationship, alerting it to anything that may indicate fraud before it has a chance to escalate.

If you’re worried about keeping on top of your ongoing monitoring, MLVerify can help by continuously checking Companies House for updates to company listings, as well as monitoring PEP and Sanctions lists for changes to an individual’s status.