Options for biometric age assurance and how to orchestrate them take Summit spotlight

Presentations at the Global Age Assurance Standards Summit on Thursday largely centered on the technologies available to meet the standards, prevent the harms and deliver the benefits discussed during the first three days of the event in Manchester.

A day four panel discussion on orchestration service providers was moderated by Open Identity Exchange Chief Identity Strategist Nick Mothershaw.

The panel consisted of Veratad CEO John Ahrens, PDMS Founder Chris Gledhill and CDD Services Founder and Chair David Crack. PDMS is a software development company with extensive experience working with entitlements for online systems of public record, and CDD provides an orchestration platform geared towards regulatory compliance. Veratad provides digital identity and age verification.

The orchestration layer sits between the trust scheme, such as the UK’s Digital Trust Framework, and relying parties. It translates the governance scheme into technology. As such, it makes trusted services like those for age assurance and makes them available to relying parties in a compliant, and in theory effective, efficient way. Ahrens described the role as sourcing, managing and standardizing technologies.

The functions of orchestration providers evolve as they work to make things easier for their customers, Ahrens says.  “We’re not just orchestrating the providers or the methods, we’re orchestrating the experience as well.”

Business models differ between orchestration service providers, Gledhill points out. PDMS is focussed on “compliance, convenience, and cost-effectiveness,” he says. The means making effective technologies consumable for customers. This can be difficult as new requirements are applied to “legacy contexts.”

From a data privacy and compliance standpoint, the most important function of orchestration is to minimize the sensitive data that need to be held, by themselves or relying parties, to provide the service in question, Gledhill says.

If systems are designed properly, orchestration can make compliance a business enabler, rather than a barrier, saving money by preventing problems at the beginning of interactions, Crack explains. This is in contrast with what he calls a “tick-box compliance” approach.

Ahrens pointed out that in contrast with many established uses for digital identity online, age assurance processes in many cases prioritize data minimization. This makes the case for reusable IDs particularly attractive.

The discussion also touched on privacy protection, commercial models for orchestrators and the limits of digital age assurance as protection against harms in the physical world.

In response to a question from the audience about how to deal with different priorities held by societies in different jurisdictions, Ahrens noted that Veratad has integrated seven different digital credential providers, and advises customers to select among them for different customers based on the priorities of the jurisdiction they are in.

In the case of entitlements, however, Gledhill points out, tying the attribute of age to the identity of the person receiving a service is often a practical necessity.

Technology providers showcase emerging options

Biometrics and digital identity vendors also showcased their ideas and products for providing age assurance at the event.

Trust Stamp Account Executive Amy Kneale and colleagues presented the company’s vision for Age Estimation as a Service (AaaS).

By tokenizing a biometric template in a way that removes the biometric data, Trust Stamp’s Stable IT2 provides a cryptographic system for facial authentication without exchanging biometric data.

The company hopes to get its Stable IT2 into production during the second quarter of 2024.

A challenge identified to this approach during the discussion that followed is how to map the technology against the existing standards and regulation, and those in development.

The summit was not confined entirely to the online world. Innovative Technology presented its age estimation technology for in-person transactions at the event.

ITL Senior Business Development Manager Christian Czeskleba recounted the story of a group of youths entering a store with the company’s MyCheckr visible at the checkout during a trial. The youths spotted the biometric age-estimating device, conspicuously conferred in a group, and each purchased a lemonade. The incident, he says, illustrates the deterrent effect of making clear to minors that they will be asked to confirm their age if they attempt to purchase age-restricted goods.

The presentation also offered a sneak peak at the company’s Alerts app.

Czeskleba answered a question from Yoti CEO Robin Tombs that ITL will consider submitting its age estimation algorithm to NIST for evaluation in the future.

Article Topics

age verification  |  biometrics  |  data privacy  |  Global Age Assurance Standards Summit  |  identity orchestration  |  Innovative Technology  |  Trust Stamp  |  Veratad