this post was submitted on 26 Jul 2025
31 points (89.7% liked)

science

20668 readers
259 users here now

A community to post scientific articles, news, and civil discussion.

rule #1: be kind

founded 2 years ago
MODERATORS
m3t00@lemmy.world
Joleee@lemmy.world
laverabe@lemmy.world
DeadPand@midwest.social
laverabe@lemmy.zip
31
Age verification (lemmy.world)
submitted 1 week ago* (last edited 1 week ago) by ransomwarelettuce@lemmy.world to c/science@lemmy.world
28 comments fedilink hide all child comments
 

Lately there has been a lot of controversy about age verification and it's implementation in places such as UK and US.

The main critic to this mechanism is due being done through facial recognition or a government ID which are privacy invasive.

So here is my question as someone who comes from IT, wouldn't it be possible to create a device which just gives out true or false depending if the person is of age, given some kind of piece of DNA (hair, blood, nails) ?

I known there is carbon dating, but from what I understand is a bit of complicated process. The human body however shows it's age visually and I would be interested to know if genetically there are some signs as well that could be somewhat used in a automatic process.

Again I come from IT, just curious about the implications and your takes on the problem.

you are viewing a single comment's thread
view the rest of the comments
[–] AbsolutelyNotAVelociraptor@sh.itjust.works 33 points 1 week ago* (last edited 1 week ago) (11 children)

The solution is really, stunningly simple:

Your gov issues official documents about you (driving license, passport, id cards...). They know your age.

Your gov is also a trustworthy institution since all those cited above are official documents that anyone, anywhere will accept as valid.

So here's the solution: the gov creates a digital certificate in which the only stored data is your age, or even less: your adult state (as a boolean; if over 18 = TRUE).

The gov issues the cert on demand to any person after presenting any valid ID to prove who you are (it can be done online, with only the id verification being done in person). The cert is bound to your device, and if you change phone, you must migrate it so you can't have it in two devices.

Since the issuer is a trusted authority, the cert can be used as a proof of age in any site needing it as the only thing they need is to read the cert and confirm the auth of the issuer.

And as the cert is only a boolean status saying if you are underage or adult, there is no privacy concerns as the one checking your age won't know anything else about you.

There, you just solved a "huge" problem in a simple way and with no privacy concerns.

[–] ransomwarelettuce@lemmy.world 1 points 1 week ago* (last edited 1 week ago) (6 children)

Oh that makes sense an age certificate that only gov can generate. No ties to your identity whatsoever, still one could easily borrow someone else's. Maybe it could work like JWT or OTPs, go to gov platform generate it being only valid for a couple mins and paste it in the website.

[–] AbsolutelyNotAVelociraptor@sh.itjust.works 4 points 1 week ago* (last edited 1 week ago) (3 children)

the only way to borrow it is physically taking the phone, and even then, if the phone is locked, you need to unlock it. The cert by itself is bound to a device, if you give that device to someone else, that's on you. It's not a fault in the system but in the user.

Think of how 2fa apps work. They generally are locked under a code or biometrics, if someone else access to them, it's because you gave them access, so it's your responsibility.

[–] ransomwarelettuce@lemmy.world 1 points 1 week ago (1 children)

Yeah . . . Now being devil's advocate faceID would prevent that.

But still if instead of bounding a cert to a device we went to a gov platform for a limited time token/OTP it would work too. It could be shared too but so could u ask ur brother to show up in the facescan before entering a website.

[–] AbsolutelyNotAVelociraptor@sh.itjust.works 3 points 1 week ago (1 children)

Yes, but then, to generate the code, the gov has to know who's asking for it. If the cert is locally stored in your phone, nobody can know who's asking for it.

[–] ransomwarelettuce@lemmy.world 1 points 1 week ago* (last edited 1 week ago)

At least here in Portugal we have a eletronic ID platform that provides some services that could be one of them.

What I was saying was going to that platform or app ( they have a app I think too ) grab a token generated for that website specifically and paste it.

Than the website would receive the token and given a key received by the gov to operate in the contry gets the playload and checks if the person is of age.

load more comments (1 replies)
load more comments (3 replies)
load more comments (7 replies)