Increasing adoption forces facial age estimation to retread familiar debates

Facial age estimation is under increased scrutiny as regulations like the UK’s Online Safety Act introduce millions of people to the technology for the first time. Some of the questions raised about biometric accuracy and bias, data protection and censorship have been answered, but the details of those answers are also going under the microscope as age assurance requirements advance around the world.

Expectations and circumvention

Le Monde cautions that facial age estimation “can only provide an age estimate.” The publication warns of the technology’s flaws, noting that the initial draft of European Commission guidelines on age checks did not recommend facial age estimation for high risk services like pornography and gambling.

That and two examples of spoofing are Le Monde’s examples of the widespread criticism the technology has received. Reports of users defeating age checks with presentation attacks like holding up an image of a video game character are evidence that “these tools can be circumvented.”

The spoof referred to was carried out against an age assurance system used by Reddit and Discord, with technology from Persona and k-ID. Such spoofs can generally be prevented with liveness detection (or presentation attack detection) software, which is not mentioned. And the EC’s view had changed by the time the guidelines were updated in October, Le Monde points out.

As Twitch expands its age checks for UK users to comply with the Online Safety Act, Cybernews recommends using a VPN such as those from its sponsors to avoid the platform’s facial age estimation, also provided by k-ID.

A recent breach of selfie images used for biometric matching from a Discord partner is held up as “an example of what can go wrong when ID uploads are stored by verification providers.” Discord’s partner’s over-retention of data is mentioned, but that the breach affected an appeals system, not the age estimation system, is not.

Those details are important to any argument suggesting that the data security of people using is at higher risk when they use age estimation. The importance of proper implementation to the effectiveness of online age checks is an obvious lesson from the early days of adoption.

Differentials, demographics and developers

Concerns about how well facial age estimation works for different groups of people may be a more productive line of inquiry.

Analysis of the treatment of bias in Australia’s Age Assurance Technology Trial (AATT) by The Guardian in September suggested the final report downplayed problems with facial age estimation technology.

The analysis notes that the report does find lower average accuracy among age estimation systems for Indigenous Australians, and indicates they may have been underrepresented in a  “mystery shopper” exercise that revealed high error rates.

The UK-based Age Check Certification Scheme (ACCS), which ran the trial, found that despite some demographic disparities, age estimation did not appear to adversely impact any group.

The late-August update of the Face Analysis Technology Evaluation (FATE) Age Estimation & Verification from the U.S. National Institute of Standards and Technology (NIST) shows that the developers with the best overall accuracy tend to have lower differentials between demographics compared to those with higher error rates.

Past advice from NIST looms large here: “know your algorithm.” The average demographic discrepancy (or “bias”) of a group of algorithms is not a particularly meaningful number, NIST Biometric Standards and Testing Lead Patrick Grother told Biometric Update back in a 2020 interview about bias in facial recognition. All solutions on the market use a particular model, and how the specific algorithm works in a particular implementation is what matters.

Article Topics

age verification  |  biometric age estimation  |  biometric liveness detection  |  biometrics  |  Face Analysis Technology Evaluation (FATE)  |  face biometrics  |  facial age estimation (FAE)  |  selfie biometrics