Synthetic identity fraud has become one of the multifamily industry’s most expensive blind spots. It often doesn’t look like fraud until the eviction filing is already in motion. There are no credit red flags, nor anything that would trip a standard screening tool designed for a different kind of risk. By the time an operator realizes the “tenant” was never a real person, the unit has already gone into default, and the paper trail has gone cold.
The numbers explain why this has moved from anomaly to structural threat. Synthetic identity fraud jumped a staggering 311% year over year in North America in early 2025. The documents fueling it are now produced with a fidelity that defeats manual review and, increasingly, defeats the credit-file logic screening platforms were built around. A first-time Social Security number generates a blank, “clean” credit file by design, which, to most algorithms, reads as a qualified applicant rather than a fabricated one. Fraud built to look legitimate is, definitionally, hard to catch with tools designed to confirm legitimacy rather than verify identity.
This report lays out why synthetic identity fraud has been so hard to detect, what a verification framework built to catch it looks like in practice, and the operational, compliance, and staffing tradeoffs operators need to work through before they buy another point solution. The goal isn’t a single new tech tool but a set of moves that treats fraud prevention as a portfolio-wide problem rather than a line item.
The scale of the fraud problem
Fraud exposure in multifamily is no longer a tail risk. In a 2024 survey of 75 apartment owners, developers and managers, 93% reported experiencing some form of fraud in the prior 12 months, according to the National Multifamily Housing Council. A separate TransUnion survey of 98 property managers found that six in ten had experienced rental fraud at least once in the prior two years, and nearly four in ten didn’t identify it until after the applicant had already moved in.
Synthetic fraud specifically has grown fastest within that broader category. Synthetic identity fraud, which blends real and fabricated information to construct a new identity, increased 31% year-over-year in North America in the first quarter of 2025 and now accounts for more than 80 percent of new account fraud, according to data cited in Snappt’s 2026 Multifamily Fraud Report. That report, which analyzed 1.46 million rental applications across 2025, put the average overall application fraud rate at 5.1%, with template farms — assembly-line operations that mass-produce and resell fake document templates — implicated in more than 42,600 flagged cases.
The financial exposure compounds because synthetic fraud is harder to recover from than other types of fraud. There is no real employer to contact, no legitimate forwarding address, and no credit obligation that attaches to an actual person once the unit goes into default. NMHC research indicates that roughly one-quarter of eviction filings nationally are linked to fraudulent applications. Estimates that the cost of a fraud-related eviction, once legal fees, lost rent, unit turnover, and property damage are included, can run as high as $25,000 in contested cases, though most evictions cost considerably less. Even at the portfolio level, where the flag rate appears small, the dollar exposure scales quickly with a sufficiently large unit count.
Confidence in current defenses has not kept pace with the threat. According to Snappt’s 2026 Fraud Report, 61 percent of property managers say they lack confidence in their current process’s ability to prevent fraud. This reflects a mismatch between what standard screening tools were built to do and what synthetic fraud actually requires them to catch.

Why standard screening tools miss synthetic fraud
The core failure is mechanical rather than a matter of insufficient effort. Standard credit checks were designed to confirm that a Social Security number has a credit history attached to it, not to confirm that the person submitting the application is the legitimate owner of that number. A synthetic identity that has spent months or years building a thin credit profile, often through authorized-user tradelines rented from strangers with long, high-limit account histories, will pass a basic credit pull without triggering a single flag.
The mechanics of credit files make the problem worse. Every inquiry sent to a credit bureau creates a file if one does not already exist. A first-time-use Social Security number therefore generates a brand-new file with zero negative history, which reads to a screening algorithm as a clean, qualified applicant rather than as a red flag. There is no delinquency to catch because the identity has never existed long enough to accumulate one.
Manual document review fares no better against modern forgeries. Template farms now produce pay stubs and bank statements that replicate legitimate formatting at the pixel level, and AI tools have made that replication faster and cheaper to produce at volume. Counterintuitively, the documentation that looks most complete and internally consistent is often the strongest signal of fraud rather than the weakest, since genuine applications almost always carry small natural inconsistencies that a fabricated file is engineered to eliminate. Standard consistency checks confirm that the components of an application align with one another. They were never built to confirm that the combination of pieces represents a real person at all, which is precisely the gap synthetic fraud is constructed to exploit.
Digital leasing has removed the one check that once compensated for these gaps. In-person interactions gave leasing staff a chance to observe whether the person standing in front of them matched the documents being submitted. That friction is largely gone from a fully remote application process, and fraudsters have adapted accordingly, refusing live video verification or offering vague excuses when asked to appear on camera.
The three-layer defense against synthetic fraud
Insights by Blueprint Advisory Council conversations point toward a consistent structure among portfolios that have meaningfully reduced synthetic fraud exposure: verification built in layers, on the premise that no single tool closes the gap on its own.
Layer one: identity verification at the source. Rather than confirming that a Social Security number exists and has activity associated with it, this layer confirms that the number actually belongs to the applicant submitting it. Platforms such as Esusu Identity Services and Docuverus now offer SSN-level verification that cross-references applicant data against financial identity networks and, in some cases, records tied to the Social Security Administration. They produce a pass/fail signal with contextual risk factors rather than a simple credit score. Docuverus reports detection accuracy above 99 percent across the portfolios where its platform is deployed, driven by combining identity validation with document-level forensics rather than treating them as separate checks.
Layer two: document and income forensics. This layer moves beyond visual review of pay stubs and bank statements to metadata analysis, examining edit histories, software fingerprints that indicate whether a document was created in an image editor rather than payroll software, and structural inconsistencies invisible to a human reviewer. Findigs, whose product management team has spoken publicly about the mechanics of synthetic versus traditional identity theft, structures its approach around pulling from multiple independent data sources simultaneously rather than trusting any single database in isolation. This is based on the premise that synthetic fraud is engineered to defeat screening that checks only internal consistency. A related and increasingly important component of this layer is independent income recalculation from source data rather than trusting the number printed on a submitted document.
Layer three: biometric and behavioral verification. Live selfie matching against a government-issued ID, in some cases paired with 3D depth mapping or micro-expression analysis, closes the gap that document forensics alone cannot. This is because a synthetic identity has no real face to present in opposition to forged paperwork. This layer pairs naturally with staff training on behavioral red flags: extreme urgency to sign, offers to prepay several months of rent in cash, and reluctance to appear on a live video call are each inconclusive individually but collectively significant when clustered in a single application.

Point solutions give way to platforms
Synthetic identity fraud has pushed vendor strategy in multifamily screening away from single-point document checks and toward layered, multi-signal verification. Snappt’s 2026 fraud report identified template farms as the dominant method rather than one-off forgeries. The scale and organization of this activity have made static ID uploads and manual document review functionally obsolete for portfolios operating at any meaningful unit count.
The vendor response has clustered around three verification layers: biometric identity matching, document forensics, and behavioral or financial cross-referencing. Companies like Snappt and VeriFast have built identity verification around biometric liveness detection and selfie-to-ID matching. Snappt’s integration with CLEAR, for instance, checks applicants against more than 4,600 global ID types and includes metadata-level detection of document tampering. SentiLink has taken a narrower but complementary approach, focusing specifically on synthetic-identity signals such as Credit Privacy Number usage, and has partnered with Yardi to embed that detection directly into ScreeningWorks Pro.
Property management platforms, including MRI Software and Funnel Leasing, have moved fraud detection further upstream into centralized leasing workflows, with Funnel notably shifting from property-siloed screening to portfolio-wide data sharing, so that an applicant flagged at one community is surfaced across the entire portfolio rather than being able to reapply elsewhere undetected.
For operators evaluating vendors in this category, the practical distinction is less about which single tool catches the most fraud and more about where in the workflow detection occurs and how far verification data travels across a portfolio. Point solutions that verify identity or documents in isolation are increasingly being displaced by platforms — Snappt’s “Applicant Trust Platform” is the clearest example — that bundle identity, income, and document verification into a single system with shared risk scoring. Advisory Council conversations suggest that procurement decisions in this category should weigh portfolio-wide data-sharing capability and integration with existing PMS and screening workflows as heavily as raw detection-accuracy claims.
Complicating factors
The framework is straightforward to describe and considerably harder to operationalize across a real portfolio. Vendor maturity varies significantly across the identity verification, document forensics, and biometric categories, and few platforms currently execute all three layers natively. This typically forces operators into a multi-vendor stack with its own integration and data-handling overhead. Portfolio heterogeneity adds a second complication: a Class A urban high-rise with a fully digital leasing funnel faces a materially different fraud profile from a garden-style suburban portfolio with more in-person traffic, and a single verification threshold applied uniformly across both risks either overcorrects friction for legitimate applicants or undercorrects exposure in the highest-risk channel.
Compliance exposure sits alongside the technical challenge. Any denial based on information from a consumer reporting agency triggers the Fair Credit Reporting Act’s adverse action requirements, regardless of whether the underlying concern is fraud-related. A compliant denial-letter process must exist independently of any fraud signal that triggered the review. Operators layering in biometric verification also need to account for state-level biometric privacy statutes, which vary meaningfully in their consent and data-retention requirements.
Staffing models matter as well. A documented internal escalation protocol, so that a flagged application routes to a defined reviewer rather than sitting with whichever leasing agent happened to receive it, is a prerequisite for any of the technology layers to function as intended rather than generating alerts that go unactioned under leasing-velocity pressure.
The implementation order that matters
Multifamily operators don’t need to overhaul their entire screening process to close the gaps that synthetic identity fraud exploits. They need to sequence a handful of targeted moves correctly. Here’s how to move from audit to implementation without disrupting leasing operations:
Audit the current screening stack against the three-layer framework. Most portfolios already have a credit and background check vendor in place. The relevant question is whether that vendor, or a complementary one, is performing true identity verification against source-of-truth data rather than confirming only that a credit file exists. Pilot document forensics on a defined subset of the portfolio before a full rollout. A 60- to 90-day pilot across a handful of properties, benchmarked against historical fraud and eviction data for those same properties, produces a clean before-and-after comparison that supports a broader procurement decision.
Build the escalation protocol before the technology goes live. Define in writing who reviews a flagged application, what documentation is required to support a denial, and how quickly a decision needs to be made relative to the portfolio’s leasing velocity targets. Centralize fraud data across the portfolio rather than leaving it siloed by property. A template farm that reuses the same forged document format across ten properties should be flagged as a pattern the first time it appears, not discovered independently ten separate times. Train leasing staff on behavioral signals as a complement to, not a substitute for, the technology layers. Urgency, reluctance to appear on video, and inconsistent verbal answers about application details remain among the most reliable low-cost signals available at the point of first contact.
Fraud prevention is a system, not a purchase
Synthetic identity fraud succeeds precisely because it targets the assumption underlying most legacy screening: that a clean credit file and a consistent set of documents are evidence of a real, qualified applicant. Both of those signals can now be manufactured at scale. A February 2026 federal indictment in Massachusetts, in which five defendants allegedly sought more than $6.7 million in fraudulent mortgage loans and secured dozens of apartment leases using rented credit tradelines and forged pay stubs and bank statements, demonstrates that this is an organized and ongoing threat rather than an isolated pattern of opportunistic behavior.
The framework outlined in this report does not eliminate fraud risk entirely, but it closes the specific gaps that standard credit and document review were never designed to address. Portfolios that treat this as a governance and vendor-stack decision rather than a one-time technology purchase are the ones building durable protection against a threat that continues to industrialize at a pace faster than static screening can keep pace with.
The operators positioned to win this cycle are those who stop evaluating fraud prevention as a single line-item tool and start treating it as a layered system that protects NOI, reduces bad-debt exposure, and preserves the operational integrity of a portfolio’s resident base against a fraud category designed to look legitimate.
– Nick Pipitone





