FinTechPropTechTask Prompt

Claude Prompt for Synthetic Identity Fraud Simulations

This Arbiter red-team prompt simulates the synthetic identity fraud patterns identified in the GAO's Department of Labor unemployment insurance audits against your own API endpoints. It deploys 200 concurrent synthetic registration profiles with mismatched PII to measure edge blocking, then returns a weak-link inventory, remediation proposals, and prosecution-ready evidence requirements. Built for fraud engineering and risk teams at fintech and proptech platforms.

How to use this prompt

1
Paste the prompt into Arbiter in the deepidv dashboard to run a live simulation, or into Claude or ChatGPT to design the red-team exercise before execution.
2
Supply your API endpoint inventory, production rate limits, edge blocking rule set, and sample anonymized synthetic-profile patterns in the INPUT section.
3
Review the edge blocking results by pattern group: block rate at the edge, pass-through rate to the verification engine, and the false-positive rate on legitimate baseline traffic.
4
Prioritize the weak-link inventory, especially endpoints where blocking under-performed and latency spikes that allowed batched bypass attempts.
5
Implement the remediation proposals, retain the prosecution-ready evidence logs and cryptographic receipts, then schedule a re-run to confirm the projected block-rate lift.

The prompt

Arbiter, launch a simulation testing our API endpoints against the automated synthetic profile patterns recently identified in the GAO's Department of Labor audit. Deploy 200 high-volume concurrent registration scripts utilizing mismatched PII metrics to test our edge blocking parameters.

INPUT, the user will paste:
- API endpoint inventory and the production rate limits at each
- Current edge blocking rule set and the throttle behavior under load
- Recent improper-payment incident notes (if available) for context
- Sample anonymized synthetic-profile patterns to seed the simulation

OUTPUT, return the following structured response:

1. SIMULATION SETUP
- The 200 synthetic profiles used, grouped by mismatched-attribute pattern (PII / device / behavioral)
- The concurrency model and the ramp profile
- The endpoints exercised and any pre-conditions

2. EDGE BLOCKING RESULTS
For each pattern group:
- Block rate at the edge (denied before backend)
- Pass-through rate to the verification engine
- False-positive rate on legitimate baseline traffic captured during the run

3. WEAK-LINK INVENTORY
- Endpoints where edge blocking under-performed
- Latency spikes that allowed batched bypass attempts
- Behavioral patterns that consistently slipped past the rate limiter

4. REMEDIATION PROPOSAL
For each weak link:
- Proposed rule or model adjustment and the agent that owns it
- Expected lift in block rate and the projected false-positive impact
- Deployment risk and the rollback path

5. PROSECUTION-READY EVIDENCE
- Logs and signals the firm should retain for any GAO-style audit
- Cryptographic receipts that bind each blocked event to a specific endpoint, time, and rule

Be specific. Quote endpoint paths and rule IDs where the simulation surfaces a weakness. Do not hedge the remediation priority.

Test it in Claude or another LLM

This prompt is built for the Arbiter agent inside deepidv, where Arbiter runs a synthetic-identity attack simulation against your API endpoints, modeled on the automated profile patterns from the GAO Department of Labor audit, to stress-test edge blocking under high-volume concurrent registration scripts. You can dry-run the same workflow in any general LLM first with a fake endpoint inventory to see the simulation report shape before executing it against real infrastructure.

1
Paste the full prompt into Claude, ChatGPT, or Gemini, but replace the opening direct address 'Arbiter,' with a role instruction such as 'Act as a fraud red-team engineer designing a 200-script synthetic-profile simulation against onboarding API endpoints, modeled on the GAO Department of Labor unemployment-insurance fraud patterns.'
2
Under the INPUT section, paste the synthetic sample data block below so the model has an endpoint inventory, rate limits, edge blocking rules, and seed synthetic-profile patterns to simulate against.
3
Add a framing line: 'This is a tabletop simulation on synthetic test endpoints. Model expected block rates and bypass paths analytically. Do not claim a real attack was executed.'
4
Check the output shape: you want a simulation setup grouping the 200 profiles by mismatched-attribute pattern (PII / device / behavioral) with a concurrency ramp, edge blocking results per pattern group (block rate, pass-through, false-positive on baseline), a weak-link inventory naming under-performing endpoints and latency spikes, a remediation proposal per weak link with owning agent and rollback path, and prosecution-ready evidence with cryptographic receipts. Confirm it quotes endpoint paths and rule IDs and does not hedge the remediation priority.
5
Once the output shape is right, run it live in the deepidv dashboard where Arbiter executes the simulation against your real API endpoints, production rate limits, and edge blocking rule set.

Synthetic sample data to paste alongside the prompt

Fake test data, safe to share with any LLM. Swap in your own once the output looks right.

API endpoints: POST /v1/register (rate limit 100/min), POST /v1/verify-ssn (50/min), POST /v1/upload-doc (30/min).
Edge blocking rules: RULE-TEST-001 IP velocity cap, RULE-TEST-002 device-fingerprint reuse block; throttle returns HTTP 429 under load.
Seed synthetic-profile patterns: PII-mismatch (real-format SSN ending 0000 + fabricated name TESTPERSON-A), device-cluster (200 profiles, 4 emulator fingerprints), behavioral (registration cadence 0.4s/field).
Recent improper-payment note: fake incident DOL-TEST-CASE-77, batched UI claims.

Pairs with on deepidv

Sources & further reading

FAQ

What synthetic identity fraud patterns did the GAO find in unemployment insurance programs?

GAO audits of Department of Labor unemployment insurance programs documented automated, high-volume registrations built from mismatched PII, recycled identifiers, and scripted device behavior, contributing to tens of billions of dollars in improper payments. This prompt turns those documented attack patterns into a controlled simulation you can run against your own endpoints.

Is it safe to run a fraud simulation against production API endpoints?

Run it against a staging environment or a production mirror first, and always seed it with anonymized synthetic profiles rather than real PII. The prompt's setup section defines the concurrency model and ramp profile so you can throttle load, and every remediation item includes a rollback path so rule changes stay reversible.

Run it with live verification data

These prompts work in any LLM. Inside the deepidv dashboard, Luna, Arbiter, and Arc run them against your real sessions, screening lists, and audit trails.

Book a Demo