In 1950, Alan Turing proposed a simple game.
A human judge sits at a terminal. On the other side are two participants: one human, one machine. The judge asks questions. Both answer. If the judge cannot reliably tell which is which, the machine wins. Turing called it the Imitation Game. He thought it was a reasonable proxy for intelligence.
He was not thinking about synthetic identity fraud.
The test assumed one thing above all else: that the human was trying to be recognized as human. The whole point was authentic self-presentation under scrutiny. The machine was the impostor. The human was the ground truth. You just had to build a good enough detector to tell them apart.
Fraud inverted this so completely it should have come with a footnote in the original paper.
Now the machine is the judge. And the human, the impostor.
The question is no longer whether the machine can convincingly pretend to be a person. The question is whether a person, armed with machine-generated documents, machine-generated voices, machine-generated faces, and a machine-assembled financial history, can convincingly pretend to be themselves.
Frank Abagnale did this with a typewriter and confidence. Whether he did everything he claimed is now disputed, which is itself a fitting detail. But he is the case study we still teach.
The modern version does not need confidence. It needs compute.
What Turing described as a philosophical parlor game has become the operating model for modern application fraud. The impostor sits at the terminal. On the other side is your onboarding flow. The judge is an algorithm trained to approve good customers and pressured to hit a quarterly conversion target. The impostor wins not by being brilliant but by being slightly more plausible than your threshold.
The threshold, in most cases, was not designed with Abagnale in mind. It was designed to reduce abandonment.
We built the most sophisticated identity verification systems in history, layered biometrics on document checks on database lookups, with behavioral signals running underneath, and the attack surface is still the same as it was in 1964. Find the gap between what the system is optimized to do and what it needs to do. Modern fraud finds it in the gap between your approval rate target and your actual risk tolerance.
Turing thought the hard problem was making a machine that could pass for human.
It turned out the hard problem was making a system that could tell when a human was passing for someone else entirely.
He would have found it interesting, probably. He had a talent for problems that looked simple until you turned them over.
We are still turning this one over.
Shyam Menon is a product leader specializing in fraud and identity in financial services. This is one of a series of framework posts on how to think about fraud prevention, identity, and AI products in regulated industries. He writes at shyammenon.com.