To be clear, I’m not advocating for online age verification. I’m very much against it in any form. I’m just curious from a technical standpoint if it’s possible somehow to construct an accurate age verification system that doesn’t compromise a user’s privacy? i.e., it doesn’t expose the person’s identity to anyone nor leaves behind a paper trail that can be traced to that person?

  • Zachariah@lemmy.world · 21 up, 1 down · edited · 6 hours ago

    Even if it works, it’s a solution without a problem. If I can afford internet access, I am mature enough to see anything on the internet, and I am mature enough to decide which users can access my internet-connected network and whether they can have access to the whole internet. That’s all the age verification needed ever.

    The request for age verification by each website is purely about unnecessary control and censorship.

  • SorteKanin@feddit.dk · 66 up · 12 hours ago

    In principle it should be possible to do a zero-knowledge proof.

    This means that the website asking for age verification asks a yes/no question like “Is this user 18+?” and the age verification service (like a digital ID provided by the government or whatever) answers “yes” or “no” accordingly, but without telling anything else about the user. Also, the verification service should ideally not know who asked for the age verification.

    So the site you want to visit only knows the thing they need to know: Whether you are 18+ or not. Nothing else. And the age verification service only knows somebody asked for age verification and provided the answer, but do not know which site you visited.

    This is all possible, but I don’t have high hopes this is the intended implementation of any government seeking age verification, so don’t get your hopes up.

    • chicken@lemmy.dbzer0.com · 9 up · 7 hours ago

      There are some pretty strong arguments that even zk proof is a flawed way of preserving privacy though, in a variety of ways. It prevents pseudonymity by enabling one-user-one-account, and it leaves users vulnerable to being coerced to reveal their full online activities by handing over cryptographic keys.

      • Wren@lemmy.today · 4 up · 6 hours ago

        Got ready to read some bullshit,

        Vitalik Buterin

        nevermind. But damn, what a great read. I haven’t given much thought to on-chain ID in years and he lays it out pretty well. Still sounds like encrypted tokens are the way to go, but we all need to have multiple forms for it to protect anonymity.

      • SorteKanin@feddit.dk · 13 up, 1 down · 11 hours ago

        I’m not sure that is feasible, because in order to trust the answer, I feel the asker must know and trust the one providing the answer. It sounds like you’re imagining a system with many different ID providers? What prevents me from creating my own provider that just answers “Yes”, even for people under 18? If the site asking does not know it is my fake ID service providing the answer, I’m not sure they can trust any answer.

        But I won’t pretend to be an expert on this topic, so perhaps it is feasible somehow.

        • halcyoncmdr@lemmy.world · 3 up · 7 hours ago

          the asker must know and trust the one providing the answer.

          This is possible if there’s a central authority for that that everyone can agree to trust, like the government records directly. The issue is ensuring the rest of the chain remains anonymous so the only thing the authority gets is the request that an undisclosed service is verifying John Doe is 18+ and nothing else. And that’s not something many governments are going to want to allow with the increasingly alarming amount of authoritarian leadership.

    • perviouslyiner@lemmy.world · 0 up · 11 hours ago

      Doesn’t this just raise the authentication requirements? Like in the UK we got added checks for who could work, and lots of Deliveroo drivers shared the login + password of someone they knew who was verified.

      • Beacon@fedia.io · 0 up · 9 hours ago

        I think it should be easy to identify when an account is being shared. For example, if it’s used from different IP addresses within a short amount of time.

  • IninewCrow@lemmy.ca · 24 up, 1 down · 11 hours ago

    The problem is not the system or the idea of age verification

    The problem is that no one on earth can be trusted with that level of monitoring, control and power.

  • It’s possible.

    Open source front app + a secure element thing in the background.

    You download an app. You verify your identity, then the app sets up an OTP thing with the shared secret seed lasting for 30 days. But every 30 seconds the OTP changes. Everyone doing a verification in these 30 days gets the same exact secret seed.

    The seed hides in the secure element of your device. Every 30 seconds, it releases the new OTP to the Open source app. The app doesn’t connect to the internet once the OTP has already been set up. So nobody knows if you actually view the OTP code.

    So the government only knows you have the verification OTP set up not which websites you visited, the website only knows you have a valid OTP from the government, but you could be any of the people in the past 30 days (which the company don’t even have access to).

    Even if the company and government cooperate, they could only pin down the time of website registration and that you are one of the millions of people that did the verification and requested an OTP seed.

    (Idk the exact terminology for these things, but hopefully I make sense)

    • anton@lemmy.blahaj.zone · 2 up · 11 hours ago

      The seed hides in the secure element of your device. (it won’t be impossible to extract, but the average kid is not gonna be able hack a secure element).

      But only one person needs to “hack” it on their device to publish the key, allowing everyone to use it without “hacking” their own device.

      You can’t store a key on a device and keep it safe from the owner.
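The shared-seed OTP idea and the reply to it, worked through as an added example that is not from either commenter. It uses standard RFC 6238 TOTP; the seed is the RFC test key standing in for the 30-day seed, and `verifier_accepts` is a hypothetical check run by whoever holds the seed (the thread does not say whether that is the site or the government).

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per code, as in the comment

def totp(seed: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10**digits).zfill(digits)

def verifier_accepts(seed: bytes, submitted: str, now: int, drift: int = 1) -> bool:
    """Accept the code for the current 30 s step or one step either side."""
    return any(
        hmac.compare_digest(totp(seed, now + d * STEP), submitted)
        for d in range(-drift, drift + 1)
    )

# Constructed seed shared by everyone verified in the same 30-day period.
PERIOD_SEED = b"12345678901234567890"

def demo(now: int = 59) -> dict:
    adult_a = totp(PERIOD_SEED, now)      # one verified adult's device
    adult_b = totp(PERIOD_SEED, now)      # a different verified adult
    copied = totp(bytes(PERIOD_SEED), now)  # any copy of the seed, on any device
    return {
        # Privacy property: the code carries nothing that separates users.
        "users_indistinguishable": adult_a == adult_b,
        # The reply's point: the verifier cannot tell a copy from an original.
        "copied_seed_accepted": verifier_accepts(PERIOD_SEED, copied, now),
        # Rotation only limits reuse of an old code, not of the seed itself.
        "old_code_rejected": not verifier_accepts(PERIOD_SEED, adult_a, now + 90),
    }

if __name__ == "__main__":
    print(demo())
```

The property that hides users from the verifier is the same one that makes a disclosed seed usable by anyone until the 30-day period ends.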

  • howrar@lemmy.ca · 3 up · 10 hours ago

    Depends on how reliable you need this system to be. For example, do you need to handle the scenario where an adult verifies their age to access a website, then lets a minor use that website in their place? That would be a much harder problem to solve than if you just need to verify that an adult was present on the other end at one point in time. For the latter, device-based age verification seems to be trivial to set up from a technical standpoint.

    • LifeInMultipleChoice@lemmy.world · 3 up · 9 hours ago

      If there was a certificate you could verify from the government once you had it, it only verified with the site saying 18+/21+ type of thing, if have certificate, allow in, I feel that should be more than enough. Profile on the device with the cert is logged in with passcode, fingerprint, faceid, password, whatever… Just to have the cert attached to your user for the browser to verify it was there would cover it. It shouldn’t show birthdate, or any user data, just age over 21 - yes.

  • Nighed@feddit.uk · 3 up · edited · 11 hours ago

    The government knows who you are. They know your age, your address and know you exist (probably).

    You go to a site that requires age verification. You say: please verify me with the government portal. You go to that portal to get a temporary ID code to give to the site. The website says to the gov portal: give me the name and age of the user with this temp ID. You approve that access. Portal sends age (or an is-over-16/18/21 etc. flag) to the site.

    • Gov portal doesn’t need to know who the site is.
    • You don’t provide a unique ID to the website, just a temporary one.
    • as if codes are temporary, you must have access to the id/login now, not just at some point
    • Site only gets the data you approve/it requested, not everything.

    The process can do with some streamlining, but should work in practice?
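The temporary-code flow from the comment above, modelled in memory as an added example that is not the commenter's code. `GovPortal`, its method names and the 120-second lifetime are assumptions, and the user's approval is simplified to happen when the code is issued rather than as a separate step.

```python
import secrets

class GovPortal:
    """Hypothetical portal holding constructed records: user -> age in years."""
    CODE_TTL = 120  # seconds a temporary code stays valid (assumed value)

    def __init__(self, ages):
        self._ages = ages
        self._pending = {}  # code -> (user, thresholds the user approved, expiry)

    def issue_code(self, user, approved, now):
        """User, logged in at the portal, approves which 'over N' flags to release."""
        code = secrets.token_urlsafe(16)  # random, so it is not a stable identifier
        self._pending[code] = (user, frozenset(approved), now + self.CODE_TTL)
        return code

    def redeem(self, code, threshold, now):
        """Called by any site; the portal asks for no site identity.
        Returns True/False for 'age >= threshold', or None if the code is refused."""
        entry = self._pending.pop(code, None)  # single use: gone after one attempt
        if entry is None:
            return None
        user, approved, expiry = entry
        if now > expiry or threshold not in approved:
            return None
        return self._ages[user] >= threshold  # only the flag leaves the portal

if __name__ == "__main__":
    portal = GovPortal({"alice": 34, "bob": 15})   # constructed records
    code = portal.issue_code("alice", {18}, now=1000)
    print("site learns over-18:", portal.redeem(code, 18, now=1010))
    print("same code replayed:", portal.redeem(code, 18, now=1011))
```

Because each code is random and single-use, two sites cannot compare codes to link the same person, and a code handed to someone else stops working after one redemption or two minutes.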

  • UsedCumSock@sh.itjust.works · 2 up · 11 hours ago

    1. Sign up for age verification platform and upload your government ID on the platform (let’s call this platform Age Verifier).
    2. Age Verifier confirms you’re an adult, and lists you as an adult in their system.
    3. Age Verifier purges your government ID and any PII on you. The only thing they keep is your basic account details and the fact that they’ve confirmed you’re an adult.
    4. The next time you login to an adult site, you verify yourself by logging into Age Verifier’s platform. The adult site confirms with Age Verifier that you’re an adult, and you’re good to go.

    This system probably works, but it’s not without its downsides. We’ll need a way to confirm that your government ID and PII is actually deleted on Age Verifier’s platform. A way to deal with this might be to make sure Age Verifier is never driven by profit so they’ll never need to look into selling people’s data. Maybe it could be run by a non-profit? Or perhaps it can be run by the government? But if you don’t trust the government, that could be an issue.

    And I can also see an issue where one guy keeps creating different Age Verifier accounts, verifying that the account is an adult, and then selling that account to people.

    • xavier666@lemmy.umucat.day · 1 up · 2 hours ago

      We’ll need a way to confirm that your government ID and PII is actually deleted on Age Verifier’s platform.

      IMO this is the hardest part to ensure in a transparent manner.