NIST seeks comment on plan to test facial age estimation

The U.S. National Institute of Standards and Technology is planning to begin evaluating age estimation with face biometrics in September, as debates over regulations mandating online age restrictions become more common, but no less contentious.

A draft document on the Face Recognition AE (Age Estimation) API describes how the newest FRVT track is proposed to work. It will not include an identification or recognition function, but is otherwise proposed to run similarly to the existing FRVT tracks. Mean absolute error (the difference between actual and estimated ages), false positive rate, false negative rate, and the estimated age which would give an error rate of zero if used as a threshold are the metrics NIST plans to report.

The agency is specifically asking for public comment on whether the test should include evaluation of the age difference between two images of the same person.

The document refers to legislation, in some cases mandating facial age verification, but generally not specifying a mechanism for age estimation, as motivation for the new tests.

NIST is seeking comments by August 3, 2023.

Regulatory clarification

The State of Utah’s Attorney General’s office has declared facial age estimation meets the requirements of SB 287, which governs the requirements for state residents to view online pornography. The opinion was shared in response to a legal battle between the Free Speech Coalition and the state government.

Pointed out by Yoti CEO and Co-founder Robin Tombs in a LinkedIn post, a memorandum in opposition to the plaintiff’s motion for preliminary injunction from Utah’s AG’s office argues that age assurance can be provided by state residents “with either no inquiry into personal information whatsoever or very minimal inquiry done by third parties, not the porn sites themselves.”

The memo refers to age verification using an ID document but provided by third parties that share only verification results with content providers, or age estimation through face, voice, or behavioral analysis. Facial estimation is also noted as the most mature of the age estimation methods.

Tony Allen, CEO of the UK’s Age Check Certification Scheme, also weighed in, submitting expert witness testimony that age assurance is possible through modern technology without infringing on free speech or privacy. The burden these measures impose on online content providers and the people who consume their content is minimal, Allen writes in testimony also shared on LinkedIn by Tombs.

He also argues that on-device filters can be helpful, but “only provide a partial solution.”

Utah has also recently passed age assurance requirements for social media platforms.

New ZKP entry

Vendors continue to enter the age verification market, with zero knowledge proof platform provider Outdid raising $2.5 million in a seed funding round.

The company says its software provides private ID verification, and that it is primarily focused on age verification use cases. The platform is also fraud-resistant, scalable and cost-effective, according to the announcement.

“On one hand, data privacy has become a significant concern for people globally. On the other hand, fraud with online verification has reached a new record, the prevention of which requires more data collection and processing,” says Zvezdin Besarabov, Outdid’s CEO and co-founder.

“Our ID document verification solution addresses these issues head-on. It is designed to ensure that not only verification is fraud-resistant, but personal data remains private, tucked away from prying eyes,” says Ana-Maria Pricop, Outdid’s COO and co-founder.

Meanwhile in England, the “Britcoin” digital currency being developed by the Bank of England with a privacy layer from Nuggets could also be used for age verification, Singapore’s Straits Times reports.

Like Outdid, the use of zero knowledge proofs provided by Nuggets would enable verification of data that is not shared with the relying party.

Article Topics

Age Check Certification Scheme (ACCS)  |  age verification  |  biometric testing  |  biometrics  |  Face Recognition Vendor Test (FRVT)  |  NIST  |  Outdid  |  standards