top of page
  • Writer's pictureDaniel Moreno Montoya

How can credit institutions protect themselves against identity fraud?

If we told you that for every million dollars that come into the credit institution where you work, it loses $24,200, would you believe us? Identity fraud costs for institutions that grant credit through digital channels in Mexico are equivalent to 2.42% of their total annual revenue.

As technological advances make it possible to create new credit options for the unbanked population, cases of identity fraud are also on the rise, generating millions of dollars in losses for financial and multiple-purpose companies.

Validación de identidad prevención fraude identidad instituciones de crédito
Identity fraud: a crime causing millions of dollars in losses for credit institutions

Undoubtedly, we are facing a problematic paradox: it is becoming increasingly important to offer credit services through virtual and mobile channels; however, this trend causes losses due to identity fraud.

How to solve this dilemma and reduce fraud cases in your credit operations to a minimum? With a thorough identity validation.

This article will review the main types of fraud, why identity validation becomes the most efficient solution to face this crime, and the characteristics that make identity validation efficient.

Identity theft and synthetic identities: the most common fraud schemes

Exists two types of fraud that are problematic for credit companies: identity theft and synthetic identities, both used by delinquents to apply for financial products.

For every dollar involved in a case of identity fraud, credit institutions lose $3.9, or 4 times the face value of each fraudulent transaction.

In terms of the number of cases, in 2021 alone there were 49,871 complaints attributable to the Comisión Nacional para la Protección y Defensa de los Usuarios de Servicios Financieros (Condusef) for identity fraud, a figure that includes only people who reported their cases.

Considering that in 2011 there were 8,248 complaints, we can establish that identity fraud has grown 6X in the last ten years, on par with the implementation of new technologies and the digitization of financial services.

But what is identity theft?

Identity theft occurs when a criminal obtains financial, personal, and identification data. With this information, it is possible to impersonate an identity to apply for credit, financial products, or open bank accounts.

Among the most commonly used methods to steal an identity are Phishing, Vishing, and Smishing, scams in which criminals contact victims posing as a financial institution and convince them to reveal personal data, security codes, bank passwords, and other critical information.


Phishing is committed through mass e-mails pretending to be legitimate accounts of financial institutions. With alarmist or urgent messages, criminals make people go to fraudulent websites -which also emulate official ones- to extract their data.


Unlike phishing, attackers perform vishing through telephone calls. In these cases, the attackers have some preliminary information, such as card numbers or IDs, with which they manage to generate trust among the victims to reveal other data, such as passwords or security keys.


In this case, the communication channel used is text messages. Using shorter SMS messages, the criminal directs people to malicious pages identical to the original ones, from which they manage to steal their data.

What are synthetic identities?

From the theft or illegal obtaining of personal, financial, and identification data comes another form of identity fraud: synthetic identities.

This type of fraud is carried out either by combining data of several people, actual and fictitious data of a person, or false data to build an identity from scratch, with which the attackers simulate young or older people with no bank records and small purchase traces.

Unlike identity theft, in this case, criminals do not supplant the identity of an existing person but create a new one using the data of one or more individuals, to apply for credit and financial products through virtual channels, which makes it a crime that is difficult to detect.

In fact, according to the study Mitigating Synthetic Identity Fraud in the U.S. Payment System, conducted by the Federal Reserve Bank of Boston, traditional fraud detection models are ineffective in identifying between 85% and 95% of synthetic identity cases.

Validating identity: the key to preventing fraud

According to the study The True Cost of Fraud in Latin America - 2019: Mexico Report, in which were interviewed 30 risk and fraud decision-makers in financial services institutions, the best option for preventing fraud is identity validation, as well as the biggest challenge, according to 83% of respondents whose companies have a strong presence in virtual channels.

However, if the decision-makers charged with reducing this scourge have identified the solution, why do identity fraud losses continue to grow? As the Federal Reserve Bank of Boston study concluded, traditional fraud detection models aren´t effective.

In this regard, according to decision-makers, the main factors that make identity validation a challenge are the rise of synthetic identities and the lack of access to real-time third-party data sources, which, in turn, stand out as the biggest impediments to traditional identity validation models.

For these reasons, lending institutions must adopt identity validation tools that meet the characteristics to perform this process efficiently without compromising the security or revenue of the institution or the user experience.

What are the characteristics of an efficient identity validation?

These three features make identity validation an efficient process, such as the one you can perform on the Nufi platform.

1. Better user experience and less friction

According to the study of the cost of fraud in Latin America, Mexico chapter, 60% of decision-makers in the credit areas agree that it is increasingly challenging to manage fraud prevention while minimizing customer friction.

In this aspect, it is necessary to reduce the data requested and the response times, not only to provide a better user experience but also to be more agile against the competition so that you can grant credit to prospects with good profiles before another institution does.

With Nufi, for example, you only need a full name, gender, date, and place of birth to perform an automated identity validation, which delivers a report with information from more than 40 official, public and private records in five minutes.

2. An increased amount of real-time data

Another indispensable feature is to have as much validation data in real-time as possible, which decreases your response times for credit approval, improving the user experience and increasing the indicators of successfully closed deals.

When you validate your identity with Nufi, you also get validation of identification documents, work history, judicial records, and digital identity.

The report includes data associated with CURP, RFC, professional license, securities, shareholdings in companies, the validity of INE, geolocation of address, social security number, weeks contributed to the IMSS, work history, consultation in the blocklists of SAT, Interpol, OFAC, and possible social networks, telephone numbers, e-mails and relevant results in search engines.

3. Improved conclusions from validated data

Validation data alone is not enough. We can verify that a person exists and his information is truthful, but this is not enough to establish whether he can become a good client. It is necessary to obtain conclusions that allow us to foresee their financial reality, such as their ability to pay.

With the Nufi platform, you get the most extensive identity validation in Mexico and interconnections to know the estimated monthly payment capacity of a client, the progression of their salary, and their percentage of job stability.

This data correlation allows you to accurately anticipate the convenience of granting credit to each evaluated in real-time, reducing the probability of future risks. Thus, you can identify users with little labor stability, without payment capacity, or with decreasing salaries that could lead them to non-payment situations.

Remember that we have a team ready to answer any questions regarding identity validation so that you can learn more about our scope and how our solution helps you make more agile and secure decisions, minimizing the risks of your operation.

Click here and schedule a meeting to learn more.

75 views0 comments


bottom of page