euCONSENT’s tokenized age verification set for PoC at upcoming age assurance summit

The European Union has its own ideas about how age assurance should be carried out for restricted online services, and the bloc’s euCONSENT initiative is advancing its AgeAware tokenized age verification solution to the proof-of-concept stage.

Feedback from European data protection authorities motivated the development of euCONSENT 2.0.

French data protection regulator CNIL proposed a double-blind solution, in which cryptographically signed age assurance certificates could be generated and provided to age-restricted websites without identifying or tracking the user.

Spain’s AEPD came out in favor of device-based age verification, suggesting that the risk of age assurance being used by predators to find children online needs to be mitigated.

The euCONSENT consortium formed a new non-profit in Belgium and secured a grant from the Safe Online fund to carry out the development. Age verification providers Yoti, AgeChecked and VerifyMy were part of the original euCONSENT project team, and were tapped to design a proof of concept for the system.

The first two phases of the software build, covering foundational issuer and key services and the relying party and tally services for users. Phase three of the project, which includes building the anonymization service and the AgeAware app, is in progress. The next phase will consist of optimizing and scaling the services, while implementing “security measures like zero-trust architectures.”

euCONSENT plans to demonstrate the proof of concept at the 2025 Global Age Assurance Standards Summit in Amsterdam in April.

The organization notes that while this work has been going on, the European Commission has launched a tender for further large-scale pilots of the EU Digital Identity Wallet, including for age verification. A second tender seeks an interim age verification app for use ahead of the finalization of EUDI Wallets.

Wallets, apps and APIs

The Age Verification Provider’s Association (AVPA) argues that the EUDI Wallet was not designed with anonymous age assurance in mind, but various software solutions that were have been introduced to the market and should be considered by the EU.

An opinion piece by Bora Cybersecurity Content Strategy Manager Anastasios Arampatzis for Information Security Buzz sets out an argument in favor of wallets as the means of age assurance. But the editorial argues in its section on “age verification options and their drawbacks” that biometric age estimation “can make errors, particularly with diverse demographics. There are also privacy concerns since facial data collection risks misuse or unauthorized access.”

No mention is made of the demographic breakdowns of independent tests of age estimation algorithms, or the discarding of user data after estimation but without saving it to memory.

APIs can be an effective alternative to digital wallets for age checks, based on the assessment by John Lewis of how Yoti’s biometric age estimation has worked for it. The online retailer needed something more robust than self-assertion of age when it began selling knives online.

A Medium post from the company explains how it approached the balance between compliance and user experience when implementing Yoti’s facial age estimation.

Yoti says in its blog previewing 2025 that between developments in the U.S., France, the UK and Australia, and the potential for regulators elsewhere to follow their lead, age checks will be a popular topic over the next 12 months.

Forbes Technology Council has 17 ideas for how social media platforms can keep children safe, and stricter age verification is just one.

The ideas presented include AI monitoring and risk scoring, combining authentication with AI agents, behavioral analysis, identity verification based on blockchain, and a radical approach “to never let children interact with real people.”

Article Topics

age verification  |  AgeAware app  |  AVPA  |  biometrics  |  digital identity  |  double-blind age assurance  |  EU age verification  |  euCONSENT  |  Global Age Assurance Standards Summit  |  tokenization  |  Yoti