Four changes are at play here that open new doors to threat actors: 1. Synthetic identity quality now meets quantity. New generative AI tools dramatically ramp up both the quantity as well as the quality of synthetic identity creation — for example, using generative AI to fill in the gaps in identity creation by creating plausible supporting identity content, employment documentation, social media content, images and voices at mass scale. 2. Building and deploying synthetic IDs now takes minutes, not days. AI tools also deliver extreme speed. Viable synthetic identities may have taken several days or weeks to build in the past, requiring significant manual effort. They can now be built in minutes and deployed almost immediately. 3. “Off-the-shelf,” easy-to-use tools are widening the pool of bad actors. Readily available tools, once only hidden deep on the dark web, are now widely accessible through everyday social channels — whether those are generative AI tools focused on creating synthetic identities or code for malicious attacks. This is “de-skilling” synthetic identity fraud, making it a transactional process that many more bad actors can manage, with tools either specifically developed for this purpose or more generic GenAI tools put to that purpose. 4. Orchestration and coordination are on the rise globally. Large, organized groups of bad actors are harnessing these tools, increasingly at an international scale across borders, to create and manage hundreds if not thousands of identities. So, how do industry leaders manage dynamic hidden threats? The good news is that you likely have all the puzzle pieces you need for your systems to answer questions like “Is the person whose application I’m dealing with really the person I think they are?” or “Is this a legitimate transaction request from this long-standing customer?” Banks hold vast amounts of data related to customers, devices, behaviors, transactions and networks. When combined, this data paints a comprehensive picture, incorporating elements like customer and account information, counterparty and transaction details, alert histories, watch lists and negative news screenings. These datasets form the foundation for robust fraud risk management and power analytical models designed to prevent, detect or investigate fraud. However, many banks operate within a fragmented ecosystem of platforms, tools and models, often functioning in isolated silos. Separate operational teams may also focus on distinct fraud types, hindering seamless collaboration and slowing information sharing during investigations. 31 NEBRASKA BANKER
RkJQdWJsaXNoZXIy MTg3NDExNQ==