You approve an order. The billing details look normal. The shipping address resolves. Maybe AVS passes. You send the product.
Then the dispute lands.
The bank says fraud. The customer says they didn't authorize the purchase. You pull up the order and realize the part that makes this so maddening: the buyer identity doesn't make sense anymore. The email looks thin. The name doesn't connect cleanly to anything. The account history is almost empty. You may be dealing with more than a stolen card or a buyer trying to dodge payment.
For Shopify merchants, synthetic fraud becomes expensive when it can look like a normal order at checkout, then turn into a chargeback that strips revenue, inventory, time, and a lot of confidence in your screening process.
That Strange Chargeback Is Not What You Think
A lot of merchants assume a confusing fraud chargeback falls into one of two buckets.
Either a real customer filed a false claim after receiving the order, or a criminal used a stolen card and rushed through checkout. Both happen all the time. But some disputes don't fit either pattern.
You review the order and see signals that should have meant "safe enough." The address exists. The contact info doesn't look obviously fake. The buyer didn't behave like a smash-and-grab fraudster. Yet the bank still claws back the sale, and your evidence doesn't feel strong enough to prove what happened.
When the customer identity doesn't hold up
This is the part many store owners miss. The person behind the order may not be impersonating one real customer. They may have created a new identity out of mixed pieces of real and fake information.
That matters because your usual fraud instincts can fail here. A synthetic identity can look cleaner than a stolen-card attack. It may not trigger the obvious panic signs. The order can blend in until the payment dispute arrives.
Some of the hardest chargebacks to fight come from orders that looked legitimate at the moment of purchase.
If you've been trying to sort out why apparently valid orders still become fraud disputes, this breakdown of common reasons for a chargeback will probably feel familiar. Synthetic fraud often sits behind the cases that seem impossible to classify.
Why this hits Shopify stores hard
Banks and lenders talk about synthetic identity fraud a lot, but e-commerce merchants feel the pain too. The fraudster doesn't need a long relationship with your store to hurt you. They just need one order that ships before the identity falls apart.
For a Shopify owner, that means:
- You lose the product because it already shipped
- You lose the sale amount when the issuer reverses the payment
- You lose time trying to explain a transaction tied to someone who may not truly exist
That's why "what is synthetic fraud" isn't just a banking question. For an online store, it's a chargeback question.
What Exactly Is Synthetic Fraud
Synthetic fraud means creating a brand-new fake identity by blending real personal data with made-up details. A plain definition from Socure's explanation of synthetic identity fraud puts it this way: it is the creation of a new fictitious identity by blending real Personally Identifiable Information with fabricated fields, and because part of the record is genuine, traditional validation often misses it.
It's akin to an identity stitched together from spare parts.
A fraudster might take one real piece of information, then attach a fake name, fake birth date, new email, new phone number, and an address they control. The result isn't a stolen person. It's a manufactured one.

Synthetic fraud is not the same as identity theft
This is a common point of confusion.
Traditional identity theft usually means a criminal steals a real person's full identity or enough of it to pose as them. Synthetic fraud is different. The fraudster creates a new persona that can pass basic checks because some of the data is real.
That difference matters in e-commerce.
If someone uses a stolen card, you often see familiar fraud clues. Speed. Sloppy details. Shipping urgency. Mismatched information. With synthetic fraud, the order can look more settled and more believable.
Why basic checks can miss it
A merchant can run standard checkout checks and still miss a synthetic identity because the identity isn't entirely fake. Some of the information can validate cleanly.
That's why stronger verification doesn't always solve the problem by itself. If you're also dealing with first-party disputes, this guide on what first-party fraud looks like on Shopify helps separate a lying real customer from a fake customer profile.
Simple analogy: stolen identity fraud is wearing someone else's coat. Synthetic fraud is sewing a new coat from real fabric and fake patches.
For a Shopify store, the practical takeaway is straightforward. If an order seems legitimate but the buyer identity feels oddly shallow or disconnected, you may not be looking at normal card theft at all.
The Three Stages of a Synthetic Fraud Attack
Synthetic fraud usually follows a pattern. SentiLink's overview of synthetic fraud describes a three-phase lifecycle: identity creation, credit-file building, and the final bust-out. It also notes that even a denied application can still help create a bureau file, which the fraudster can use later.
That lifecycle explains why synthetic fraud is so frustrating for merchants. By the time you see the order, you're often meeting the fraudster near the end of a long setup.

Stage one is identity creation
The fraudster assembles a new persona from mixed ingredients. One field may be real. Others are fabricated. The goal isn't to steal one account right away. The goal is to manufacture a believable identity that can survive early checks.
For a merchant, this stage is invisible. You won't see it happening.
What you'll eventually see is the output: an account, payment attempt, or order attached to a buyer identity that seems plausible but lacks the deep consistency of a real customer.
Stage two is relationship building
Here, synthetic fraud becomes patient.
The fake identity starts behaving like a normal user. It may open small accounts, make modest purchases, repay balances, or otherwise avoid attention. The point is to look trustworthy long enough to build acceptance.
A Shopify merchant may encounter this stage in small test orders. The buyer doesn't immediately place a huge suspicious order. They may buy low-risk items first, use ordinary shipping, and avoid behavior that would trigger review.
The danger isn't always the first transaction. It's the quiet buildup that makes the later transaction look ordinary.
Stage three is the bust-out
This is the cash-out moment.
Once the synthetic identity has gained enough trust, the fraudster pushes harder. They use available credit, place larger orders, and disappear. That's when chargebacks, non-payment, or downstream fraud losses show up.
For Shopify stores, the bust-out often looks like a late-stage order that gets approved because the profile has already done enough to look normal.
A common pattern looks like this:
- A new identity appears with believable personal details.
- Small activity builds confidence through low-risk transactions.
- A larger order lands and gets fulfilled.
- The dispute follows after the goods are gone.
That timing is why post-order evidence matters so much. By the time the cardholder or issuer raises the dispute, your team may be trying to defend a transaction tied to a ghost profile.
How Synthetic Fraud Silently Drains Your Revenue
Synthetic fraud isn't just another fraud label. It turns into direct losses when an order ships, the payment gets reversed, and you can't produce persuasive evidence tied to a real, stable customer identity.

The broader numbers are a warning sign. Experian reported that in 2024, false identity cases rose 60% year over year and represented 29% of all identity fraud cases. The same release says independent industry research puts U.S. lender losses from synthetic fraud at about $6 billion annually, accounting for 20% of credit losses.
Those figures come from lending, but the e-commerce lesson is clear. Synthetic identities aren't rare edge cases anymore. They're a meaningful fraud pattern.
Why these disputes feel unwinnable
When a chargeback comes from a synthetic identity, your normal proof can weaken fast.
You may have:
- An order confirmation tied to an email with no real history
- A shipping record showing delivery to an address that doesn't tell the full story
- Checkout data that looked acceptable at the time
- Little identity continuity that connects the buyer to a real person
That's a problem because chargeback fights depend on evidence quality, not just your confidence that the order was fraudulent.
If your current stack isn't helping you stop bad orders early or organize evidence later, this guide to e-commerce chargeback protection for Shopify stores is a useful next step.
The hidden costs pile up fast
The sale amount is only the first hit. Synthetic fraud can also create:
- Lost inventory that you can't recover
- Chargeback fees attached to the dispute
- Operational drag when your team manually researches weak cases
- A dirtier dispute profile with your payment providers
Practical rule: if the buyer identity collapses under scrutiny after fulfillment, you've already lost more than the product.
This is why synthetic fraud hurts more than a single bad order suggests. It creates the kind of chargeback that steals both margin and staff hours.
How to Spot and Stop Synthetic Fraudsters
You usually won't catch synthetic fraud with one magic rule. You catch it by noticing combinations that don't fit together.
One reason this scam keeps working is cost. The Federal Reserve's white paper on synthetic identity payments fraud says a stolen SSN could cost fraudsters as little as $1. The same paper also makes an important point for merchants: stronger identity gates aren't a perfect fix, because they can block legitimate thin-file customers while still letting well-constructed synthetic personas through.
Red flags Shopify merchants can actually use
Start with order patterns, not just single fields.
- A brand-new customer places a high-risk order and doesn't have any prior relationship with your store.
- The email looks fresh or disposable and has no signs of normal customer behavior.
- The IP location and shipping destination don't line up in a way that makes sense.
- The billing identity feels thin even when the transaction passes basic checks.
- The customer account has very little story behind it beyond this one transaction.
If a buyer asks to edit delivery details after ordering, treat that as a review point, not automatic proof of fraud. Plenty of honest shoppers make mistakes. This guide on how to change Shopify shipping address is a useful reference for handling those requests cleanly while documenting what changed and when.
Synthetic fraud versus traditional fraud signals
| Signal | Synthetic Fraud | Stolen Credit Card (Traditional Fraud) |
|---|---|---|
| Identity quality | Looks partially real, partially off | Often tied to a real stolen identity or obvious mismatch |
| Order behavior | Can look calm and deliberate | Often rushed or erratic |
| Account history | Thin, shallow, or newly built | May have no store history at all |
| Verification result | May pass basic checks | More likely to fail obvious screens |
| Chargeback defense | Hard because the customer identity is weak or unreal | Hard, but sometimes easier to trace to classic card misuse |
Don't over-tighten and punish good customers
Many merchants go wrong. They react to fraud by turning every rule up.
That can backfire. Younger buyers, credit-invisible customers, gift purchasers, and legitimate first-time shoppers can also have thin or noisy data. If you block everyone who looks slightly incomplete, you'll reject real revenue and still miss complex fraud.
A better workflow is:
- Review clusters of signals, not one isolated oddity.
- Document customer changes like address edits, email updates, and expedited shipping requests.
- Store evidence early so you aren't scrambling later.
- Blacklist repeat abuse patterns using a process like the one in this guide on how to block and ban fraudulent Shopify customers.
Manual review still matters, but it breaks down when order volume rises. That's why merchants need systems that collect order evidence before the dispute shows up.
Automate Your Defense with ChargePay
Synthetic fraud is difficult for one simple reason. The order can look acceptable when you need to approve it, then become a weak, messy case when you need to defend it.
That gap is where automation helps.
Instead of relying on scattered screenshots, inbox searches, and rushed dispute writing, some merchants use tools that preserve transaction evidence as the order happens and package it when a dispute arrives. One option is ChargePay's product for Shopify chargeback automation, which is built to handle the dispute workflow from evidence collection through representment.
What automation changes
For synthetic fraud, the hard part isn't only detection. It's proving your side after the fact.
An automated workflow can help by:
- Capturing order details early before data disappears or gets overwritten
- Pulling relevant evidence together instead of making your team hunt for it
- Building dispute responses quickly before deadlines pass
- Reducing manual casework on chargebacks that drain staff time
ChargePay says it has a 92.4% win rate, has handled 200K+ disputes, and recovered $10.8M+ for merchants, based on its publisher information. It also has a 4.9-star rating on the Shopify App Store and carries a Built for Shopify badge.
When fraudsters create ghost customers, your defense has to depend on evidence discipline, not memory.
For a busy Shopify merchant, that's the primary benefit. You won't identify every synthetic identity at checkout. But you can stop losing every disputed order just because the buyer profile was hard to pin down.
If synthetic fraud is costing you orders, inventory, and time, install ChargePay from the Shopify App Store. It helps Shopify merchants automate chargeback evidence, submit disputes on time, and recover revenue without manual casework.





