Will JonesSynthetic identity fraud has become one of the fastest-growing financial crimes in the United States, and the systems banks use to catch it were built for a different era. Mohit Garg has been working on how a detection architecture built for this class of threat would function.
Somewhere in a bank’s customer database, there is an account with a payment history, a credit score, and a Social Security number that belongs to a child who has never applied for credit. Everything else was generated. The account was opened to build a history that would eventually support loans that would never be repaid. By the time the bank flags anything, the loss has already happened.
This is synthetic identity fraud, and it is built specifically not to look like fraud. According to TransUnion’s H1 2025 Omnichannel Fraud Report, US lenders faced $3.3 billion in exposure to suspected synthetic identities by the end of 2024, an all-time high. Verification platform Sumsub reported a 311 percent increase in synthetic identity document fraud across North America between the first quarter of 2024 and the first quarter of 2025. Generative AI has made convincing synthetic personas, complete with fabricated demographic histories and transactional profiles, possible to produce at volume and at speed. The detection systems most financial institutions rely on were not built for this problem. Mohit Garg, a cybersecurity researcher and inventor based in Charlotte, North Carolina, has been working on why, and what a detection architecture built for the actual nature of the problem would look like.
Why Existing Detection Keeps Failing
Conventional fraud detection learns from labeled examples of past fraud. This works for identity theft, where a real person’s credentials are used in ways that deviate from their established behavior. Synthetic identities break this model at the foundation. Unlike a stolen identity, a synthetic one has no established behavior to deviate from. It builds its own history from scratch, mimicking a legitimate customer so convincingly that anomaly detection has nothing to flag. And because no real person was victimized, there is no one to report suspicious activity, which means institutions have no feedback data to improve their models with.
In Garg’s assessment, the architecture of most detection systems is the core problem. “Training on historical fraud data means you are always one step behind,” he has written. “Synthetic identities are not variations on known fraud patterns. They are new constructions, and a detection system that has never seen how they are made is not equipped to find them.”
Training the Defense Against the Attack
Garg’s paper, published in the proceedings of the IEEE International Conference on Reliability, Infocom Technologies and Optimization, proposes a dual-network architecture built on a different premise. Rather than training a detection model on historical fraud, the system trains the detector directly against a generator that is actively producing synthetic identities.
The architecture pairs a conditional Generative Adversarial Network that produces synthetic identities with a Siamese neural network trained to distinguish real identities from synthetic ones. The two run in a continuous feedback loop, the generator producing increasingly convincing fakes while the detector works to keep pace. It is closer to how locksmiths and lockpicks have always pushed each other forward than to how conventional fraud models are trained. The detector does not depend on a dataset of confirmed fraud cases because it learns from watching the generative process itself.
The published results are specific enough to be useful. The detection model reaches over 95 percent accuracy and maintains that level against increasingly sophisticated synthetic identities. Using the generator to augment training data pushed accuracy from 86 to 92 percent, confirming that the same network producing the fakes can also make the detector harder to fool. The system was also tested for speed and found viable for real-time deployment, which matters because flagging a synthetic identity six months after onboarding is, by most measures, too late.
How the Field Is Responding
As financial institutions and researchers grapple with synthetic identity fraud, Garg’s work has begun drawing attention from those working at the intersection of AI and security. Other researchers have begun citing it in peer-reviewed studies on AI-driven fraud detection and security frameworks, a pattern that tends to happen when a methodology addresses something the field has been struggling to solve rather than refining something it already handles well.
That attention has translated into something more concrete. Garg has been appointed to Technical Program Committees for IEEE-sponsored conferences, including one hosted at Princeton University, where the role involves assessing whether submitted research on AI security represents a genuine step forward. He has reviewed manuscripts for Springer Nature’s Scientific Reports, one of the most widely read peer-reviewed journals in the world, on topics including quantum-safe cybersecurity architectures and machine learning-based intrusion detection. He also judged the Agentic AI Hackathon at Ulster University in the United Kingdom. These are not positions offered to researchers who have simply published in the area. They are typically extended to researchers who are actively contributing to how the field is evolving.
Generative AI has made the production of convincing synthetic personas faster and more accessible than at any point in history, and the trajectory is not reversing. Garg’s research does not claim to have solved the problem. What it demonstrates is that training a detection system against the generative process itself, rather than against the historical record of past fraud, produces measurably better results. In a field where that gap has now produced a $3.3 billion all-time high in lender exposure, that is a direction the industry cannot afford to ignore.