Synthetic identity fraud — where attackers create accounts using partially real, partially fabricated identity data — is now the #1 financial fraud vector in the US. This fintech was losing $180,000 per month to it.
The fraudsters were creating accounts using real SSN fragments combined with fabricated names and DOBs. Each account passed KYC checks because the identity data technically existed in credit bureau records. Once verified, they immediately initiated ACH transfers to external accounts and disappeared.
Why Traditional KYC Failed
KYC verifies identity documents. It does not verify that the person presenting those documents is actually a human sitting at a real device. The fraudsters were operating a semi-automated pipeline — real identity data, bot-driven account creation.
Sentinel's Role
Sentinel's SDK was added to the signup flow to evaluate the device and behavioral context of each new account application. Despite the identities passing KYC, the devices failed: headless browser signatures, proxy-masked connections, and TLS fingerprints inconsistent with the claimed device types.
Outcome
97% reduction in synthetic identity fraud accounts within two weeks of deployment. Zero legitimate users were blocked or asked for additional verification. The fintech's fraud ops team went from reviewing 400 suspicious accounts per week to under 12.