How lenders detect synthetic identity fraud

Synthetic identity fraud is when someone builds a new identity from a mix of real and fabricated details, then patiently grows a clean credit file around it before borrowing and walking away. Often the pieces are a real Social Security number attached to an invented name and date of birth. There is no single victim to raise the alarm, so the fabricated identity can mature quietly for months or years.

The fuel for this is the volume of exposed identity data in circulation. In 2024, Social Security numbers were exposed in 1,825 separate data compromises. Identity Theft Resource Center. That is the raw material a fabricated identity is assembled from.

A credit score summarizes bureau-visible file behavior, and a synthetic identity is built specifically to create file behavior that looks legitimate. A clean score on a synthetic identity is not a simple model failure; the model is answering a bounded question about how the file behaves, not whether a person exists.

The old system checks the number. Kenshiki checks the person.

This is the category blind spot, not the failing of any one vendor. Tools that read the file, score the file, or confirm that the file is internally consistent are all answering the same narrow question. None of them asks whether a real, continuous life stands behind the identity. A synthetic identity can look identical to a thin-file real person right up until you check the world outside the file.

Generative AI is making synthetic identities cheaper to produce and more convincing to inspect. What once took a patient operator months of manual file-building can now be generated at scale, with supporting detail that holds up to a casual look. The economics of the attack have shifted, and the defenses that assume a fabricated identity is sloppy no longer hold.

We treat the loss figure carefully on purpose. The $35 billion figure is a 2023 industry estimate, not a measured tally, and the honest version of the story says so. More on the timing on The Evidence.

No. Confirming that a name and number match each other is not the same as confirming that a real person exists. The federal service lenders use for this check returns a match result and explicitly states that it does not verify identity. SSA eCBSV. A synthetic identity can pass that match cleanly, because consistent digits were the easy part to engineer.

So the standard verification stack can return green on a fabricated person. The match confirms the file is well-formed; it does not confirm a continuous life. That gap is precisely where synthetic identities live.

A lender detects a synthetic identity by checking for a real, continuous life rather than the quality of the file alone. At underwriting, Kenshiki returns inspectable evidence — continuity, context, and fit — that a lender can review and defend, so a clean credit file no longer ends the inquiry.

What the evidence looks like

Continuity asks whether the identity reflects a life that accumulated over time or one that appeared and was groomed. Context asks whether the surrounding signals cohere the way a real person’s do. Fit asks whether the application is consistent with the life behind it. Each is returned as evidence a human can inspect, not a single opaque verdict.

Kenshiki does not replace the lender’s decision. It returns the evidence the lender needs to make and defend that decision, with proof boundaries and explanations that can be reviewed later. How we keep that evidence inspectable and accountable is documented on Trust.

A synthetic identity can pass every test that grades the file. It cannot easily fake a life.