Fraudsters seem to be perpetually ahead of the curve. Early in 2022, research indicated that one in four online accounts was fraudulent, a figure that has only escalated since. In the auto lending sector alone, losses amounted to $7.9 billion due to a 98% rise in synthetic fraud in 2023. Fraudsters, leveraging generative artificial intelligence, are increasing both the complexity and volume of fake accounts, bypassing verification processes and defrauding businesses.

The surge in stolen and synthetic identities has introduced new challenges. Many businesses are now grappling with fake customers within their systems. For example, financial institutions inadvertently extending credit to synthetic identities and educational institutions dealing with applications from non-existent students. However, efforts to combat these fraudulent activities often unintentionally alienate genuine customers.

Advances in AI have given rise to "super-synthetic" identities, which pose an even greater threat than their predecessors. These identities are entirely self-learning and automated. Instead of relying on brute force, they adopt a more sophisticated approach, engaging in small, human-like transactions over extended periods. AI enables these fraudsters to create convincing replicas of an ideal customer, such as a college freshman seeking financial aid. This methodical activity often evades detection, ultimately leading to successful fraudulent applications for credit.

A fitting analogy from the Dune series illustrates this concept: just as the warriors’ shields deflect high-speed projectiles but allow slow-moving blades to penetrate, security systems tuned to detect mass-produced fake identities may miss the subtler, slower fraud attempts. This nuanced approach enables fraudsters to sneak past defenses undetected, causing significant financial damage.

In response to sophisticated fraud attempts, many organizations have tightened their security measures, sometimes to the detriment of legitimate customers. Overly sensitive systems can result in numerous false positives, leading to customer frustration and abandoned applications. Normal activities, such as using VPNs, abbreviated names, or accessing accounts while traveling, can trigger these security measures, necessitating manual reviews and additional verification steps that drive customers away.

To effectively combat fraud, financial institutions and other industries must focus on building trust. Quickly verifying a user’s identity while minimizing delays and additional security steps benefits both customer satisfaction and business ROI. Implementing trust-based security protocols that assess user actions, rather than just credentials, can help. Factors like geolocation, activity frequency, VPN usage, and behavior on other sites can create a comprehensive trust profile. By leveraging these trust signals, businesses can avoid overly stringent security measures that deter legitimate users. This approach allows for a smoother user experience while maintaining robust security, preventing fraud without compromising customer satisfaction.