FB pixel

Parental consent in focus at day 3 of Global Age Assurance Standards Summit

Parental consent in focus at day 3 of Global Age Assurance Standards Summit

Day three of the Global Age Assurance Standards Summit hosted speakers presenting on how to use decentralized digital identity for parental consent, how the biometrics industry is responding to regulatory demands, the open identity exchange approach, and other key topics for the age assurance and age verification industry.

AgeAware app to be the centerpiece of euCONSENT 2.0

In a presentation on euCONSENT, Iain Corby, executive director of the Age Verification Providers’ Association, revealed the direction for the program’s second phase and introduced the AgeAware App. Financed for its pilot phase with €1.4 million (US$1.5 million) from the European Commission, euCONSENT 2.0 has funding from the United Nations through UNICEF’s Safe Online initiative.

“We are moving away from the concept of publisher based age assurance to decentralized app-based age assurance,” says Corby, in what he calls a “pivot.” The first phase of euCONSENT involved a device-based token system for age verification. Corby explains the new system using the metaphor of a chocolate wrapped in foil. The raw ingredient is a user’s age, which they must prove when entering an age restricted website, via the AgeAware app – what Corby calls a “thin application,” a technology-neutral client that can work with a multitude of software and hardware options.

After performing age verification through biometrics, facial age estimation or more traditional means processed through a provider, AgeAware issues a token. This is the foil wrapped chocolate. The part with the ingredients (personal information) is inside. The wrapper is the external public product on which AgeAware confirms that what is inside meets the threshold for age verification.

As a user accumulates tokens from different websites using different age verification providers, AgeAware will interrogate all of them and choose the best token for that particular relying party. The content provider may have a preference in terms of pricing, or it may simply accept the published price of that verification provider, which is a generic price available to anybody who wants to use the token. A backstop is in place offering a default price for a party that has no verification deal in place.

“That means that the relying party just needs to find a token, even if they’ve never met the age verification provider and have no contract,” says Corby. “They can still use that token interactively to check the age of the user, which is provided to the right party through an anonymizing service.” Tokens will expire over time.

A tallying service overseen by euCONSENT keeps track of which age verification provider’s tokens are being reused for new verifications, and then reports to an orchestration scheme to charge and distribute fees to the providers. This also eliminates the need for relying parties to report their own numbers.

Corby says phase one saw particular problems with allowing parents to provide parental consent, in terms of linking the identities of parent and child. Priorities for phase two address “unfinished business,” such as advancing zero-knowledge proof, improving the degree of untrackability, expanding compatibility to apps, and exploring integration with the EU digital wallet. The plan also involves updating certifications, refining underlying ethical principles, and deepening the involvement of international standards organizations such as the ISO and ITU.

Although euCONSENT frames itself as an industry-led response to European regulatory demands, the project has global aims. It is managed by an NGO, euCONSENT ASBL, whose membership includes representatives from industry, academia and the legal worlds.

Ver.iD demos decentralized ID system for parental consent 

Showcasing the potential of digital credential wallets, Roger Olivieira, co-founder of Amsterdam-based age and identity verification firm Ver.iD, explains that the Dutch government issues verified personal information that can be retrieved with an app such as that provided by Ver.iD. The government is experimenting with a decentralized digital ID system that would allow for digital verification of relationships between two individuals – for example, a child and their guardian. Then, a “parental dashboard” would allow linked guardians to provide parental consent by verifying the age of minors (“wards”) attempting to log into apps or accounts that require age assurance (for example, video games or social media).

Report on EU age assurance says more regulatory pressure needed

Martin Sas from the KU Leuven Centre for IT & IP Law outlined its forthcoming report for the EU Parliament on the trustworthiness of age assurance. The report aims to map the legal requirements for age assurance under European law, identify potential risks to fundamental rights, and evaluate risks for specific methods.

The report says that necessity, proportionality and the best interest of the child should always be considered when age assurance is implemented. In the latter, protection should be fairly balanced against the digital rights of the child. Of biometric age assurance methods, age estimation is judged to be less reliable than age verification – but verification is “more intrusive.”

Ultimately, the report raises concerns about risks to privacy and security, and the potential for age assurance measures to be discriminatory or to exclude people with limited access to ID documents or technology, or people with various developmental disabilities. It thus emphasizes the need for regulatory consistency and increased pressure to meet conformance testing, to keep up with increases in use.

Open Identity Exchange outlines vision for universal ID

In his talk, Nick Mothershaw, chief identity strategist for the Open Identity Exchange, outlined how the organization sees the connection between digital identity and age assurance. Its vision for a “simple, universally trusted ID” focuses on educating relying parties on the facts and advantages of biometrics and digital identity, through a variety of initiatives including events, consultations and resources.

Mothershaw highlights the importance of trust frameworks and trustmarks to make sure the security relationship is addressed from both sides. OIX has analyzed trust frameworks from around the world, including the UK Digital Identity and Attributes Trust Framework (DIATF), eIDAS 2.0, the NIST version 4 draft, and the DIACC Pan-Canadian Trust Framework.

Related Posts

Article Topics

 |   |   |   |   |   |   |   |   | 

Latest Biometrics News


Mastercard aims to deliver digital identity, access for 100M in Africa

Mastercard is doubling down on spreading its Community Pass, a digital platform that holds a digital ID and wallet in…


DPI critical to effective digital transformation in government

Robert Opp, chief digital officer of UNDP emphasizes the importance of viewing DPI as the digital equivalent of physical infrastructure,…


Age verification comes to social media as age of unregulated use nears an end

If trends continue, social media is set to follow in the path of cigarettes: an activity benefitting early from lax…


AI can save UK govt £40B annually, revolutionize public services: Blair Institute

AI will soon be used to pre-check applications for correct information, triage cases by calculating complexity and routing them appropriately,…


Papua New Guinea completes national data protection and governance policy

The Ministry of Information and Communications Technology has announced the completion of the national data protection and governance policy, marking…


Interpol issues call for biometrics firm to provide mobile data collection devices

Interpol has issued a tender for mobile ​​biometric collection (MBC) devices for collecting fingerprints and facial images. Specifically, the project…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events