FB pixel

Yoti and Luciditi demo interoperable age assurance through PKI

Yoti and Luciditi demo interoperable age assurance through PKI
 

A method of using public key infrastructure (PKI) to enable interoperability among age assurance providers and systems was shared at the Global Age Assurance Standards Summit last week by Luciditi CTO Philip Young and Yoti CTO Paco Garcia.

In a session presented along with Mark Roberts of the Age Verification Provider’s Association (AVPA), they explained how the PKI approach works and why they selected it.

Digital certificates presenting an age claim are signed by a certification authority and presented as QR codes in a proof of age app, Roberts explained, allowing for its authenticity to be confirmed online or offline. Each issuer makes their public key available to verifiers through a public key directory (PKD).

The approach can be used for a variety of online and in-person use cases, including the major targets of age restrictions like pornography and gambling services. Just as important, it can meet the requirements set out by different jurisdictions around the world with different types of tokens, such as that a person is 18+ or 21+. It also supports consumer choice of providers.

euCONSENT, as an independent non-profit, can play the role of trusted central certification authority, Roberts suggests. PKI is easily scalable, and represents a “’lighter’ solution than that used in euCONSENT’s phase 1 pilot,” he says.

Garcia explained how the token can be added to a web browser, similarly to a cookie, or on a device, with limited time effect as dictated by local regulations.

PKI is a mature technology, Garcia point out, “it’s used in all the mission-critical infrastructure around the world,” like online payments and passports.

The token includes no identifier, as part of the privacy by design approach the partners took. Instead, it contains assertions that biometric liveness detection was used during the age check, the time the check was performed, the age threshold that was met, that the method used is one of the approved choices, and that it was issued by a trusted party. Geolocation can also be added, if the age verification scenario demands it.

The specifics of each can be defined by the local regulator.

“We wanted cost effective solution,” and one that is flexible, Garcia emphasizes. That flexibility includes support for token processing and generation in digital identity wallets including the EU Digital Identity Wallet (EUDIW), mobile driver’s licenses, via on-device checks, age estimation and checks against mobile network operators or credit agencies.

The demonstration depicted a QR code being generated by Yoti’s app, and then read by Luciditi’s, and the reverse, with a laptop held up to the camera running Yoti’s scanner. The payload with the proof of age appeared, and then disappeared after 10 seconds, as another privacy feature.

Young noted that the collaboration did not require extensive planning beyond agreeing that PKI is the best route to interoperability. The greatest amount of discussion, he says, went towards defining the QR code and how to make it smaller.

Related Posts

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics cycle from innovations to scale-up opportunities

Biometrics integrations range from the experimental to the everyday in the most-read articles of the week on Biometric Update. Yesterday’s…

 

US Justice developing AI use guidelines for law enforcement, civil rights

The US Department of Justice (DOJ) continues to advance draft guidelines for the use of AI and biometric tools like…

 

Airport authorities expand biometrics deployments with Thales, Idemia tech

Biometric deployments involving Thales, Idemia and Vision-Box, alongside agencies like the TSA,  highlight the aviation industry’s commitment to streamlining operations….

 

Age assurance laws for social media prove slippery

Age verification for social media remains a fluid issue across regions, as stakeholders argue their positions to courts and governments,…

 

ZeroBiometrics passes pioneering BixeLab biometric template protection test

ZeroBiometrics’ face biometrics software meets the specifications for template protection set out in the ISO/IEC 30136, according to a pioneering…

 

Apple patent filing aims for reuse of digital ID without sacrificing privacy

A patent filing from Apple for ensuring a presented reusable digital ID belongs to the person holding it via selfie…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events