ISO 27566-1 Practice Statement
Solution Owner: DigiChek Pty Ltd
DigiChek Pty Ltd is a(n) Age Assurance Provider (an entity responsible for providing age assurance results to a relying party)
This is a practice statement for the age assurance solution known as DigiChek
The system and practice statement are kept under continuous and regular review in the following way:
The system and practice statement are continuously and regularly reviewed by top management and the development group as functionality for client requirements and legislative and regulatory requirements are updated.
This solution is designed to test the following age eligibility requirements:
DigiChek can provide the following outcomes:
– exact age
– over or under a certain age
– between certain ages
There are no intermediaries involved in the process. Proof of age is determined when the user is verified in person
and their DigiChek profile first created
This solution utilizes the following Age assurance components:
In Australia, a DigiChek Registrar (an authorised person at a DigiChek registered third-party organisation recognised by the government as capable of verifying identity) verifies an adult user in person using primary credentials satisfying the Australian 100 point ID check when generating the user’s DigiChek profile. The Registrar creates the profile with the user’s name, date and place of birth as they appear on the primary credentials. These never change and provide the foundation for confirming the user’s age and identity.
Children’s identities are verified and their DigiChek profiles generated at school so no documents are used when creating children’s profiles as schools verify children’s identities upon enrolment.
This solution delivers results to meet the following Indicators of confidence:
DigiChek calculates the user’s exact age based on the date of birth in the user’s profile when providing the output required by the organisation querying the user’s age ie: precise age or over / under / between given parameters.
The solution applies the following Binding process:
When the user’s DigiChek profile is created, the user generates their own unique DigiChek Key comprising their date of birth (DDMMYYYY) plus a further 4 to 10 characters of the user’s choosing. This Key Is permanently linked to the user’s profile but can be changed by the user whenever they choose. The Key is never transmitted, shared or stored anywhere other than the DigiChek system and with the user. The user’s name, date and place of birth as held by the organisation querying the user’s age are matched against the user’s details held on the DigiChek system when the user inputs their DigiChek Key. The Key is always unique to a specific user’s profile and no one but the user ever knows what their Key is so the age assurance result can only be attached to the specific individual who has that specific DigiChek Key.
Access to a user’s Key on the DigiChek system and the ability to change it is controlled by security questions set by the user themselves. The user must create a minimum of six questions but can create as many as they choose in any language or format they choose. As DigiChek holds no user information other than the name, date and place of birth it’s not possible for any user to contact DigiChek to reset their security questions or their DigiChek Key. The user’s ability to personalise the security questions and their Key ensure that the only person who can access and change a DigiChek Key is the user themselves.
The solution achieves Privacy and data protection as follows:
DigiChek stores the least amount of personally identifiable information possible to confirm a user’s age and /or identity, just three pieces of information: the user’s name, date of birth and place of birth. DigiChek itself holds neither primary nor secondary credentials on its system.
Adults: when adults are verified in person by a DigiChek Registrar, the DigiChek-registered third-party verifying organisation, which is already recognised by the government as suitable for verifying identity and storing primary credentials, records copies of the user’s primary credentials and a photograph of the user on their own system where those details remain and are never shared with DigiChek. The user hands over their primary credentials to the Registrar at the point of verification so the process is completely transparent and the user’s consent is willing and with full knowledge who is receiving their documents and that those documents will go no further than the registration organisation.
Children: when children’s profiles are generated at school, their identities have already been verified using primary credentials upon enrollment and the school never shares any identifying credentials with DigiChek, only the child’s name, date and place of birth used to generate the child’s DigiChek profile. The child does not need to give consent for any credentials to be shared with DigiChek because none are shared or stored other than those already lodged with the school.
Querying organisations: DigiChek never sends any information to the querying organisation when it queries a user’s age with DigiChek. DigiChek will send: a yes or no response to the querying organisation to confirm the user has a DigiChek profile; a specific age or a yes or no response as required by the querying organisation’s age parameters; a yes or no response confirming the user’s details provided by the querying organisation match those held against the DigiChek Key submitted by the user to the DigiChek system. The user’s privacy is always maintained because DigiChek never shares the user’s DigiChek Key or the user’s name, date and place of birth held on the DigiChek’s user profile with any other organisation.
DigiChek never receives any information about the user, other than the user’s name, date and place of birth, from any other organisation so DigiChek is unaware of what kind of interaction a user has with a querying organisation, what activities or behaviours users are engaging in online or even where a user is located so DigiChek is blind to anything about the user other than the three pieces of data it holds on the user’s profile. This means DigiChek information cannot be used to identify the user or track their activity. The user’s digital footprint is not added to in any way by using DigiChek and, in fact, is potentially reduced by removing the need for providing primary or secondary credentials to more organisations just to confirm age.
The solution demonstrates ease of use as follows:
The DigiChek system relies on the user giving the querying organisation the user’s name, date and place of birth and being able to submit their DigiChek Key to the DigiChek system. These are the three smallest pieces of information a user could be asked to know about themselves and represent the bare minimum a user should be able to provide if they have the capacity to interact online independently. Users without the capacity to interact online independently will likely lack capacity to manage those three pieces of information independently as well but their entire online interaction will always be dependent on assistance, regardless of their use of any age assurance system.
The user’s DigiChek key comprises the user’s date of birth, DDMMYYYY (which the user should know if they can provide their name, date and place of birth) followed by 4 to 10 characters of the user’s own choosing. This means that the user can make their DigiChek Key as complex or as simple as they choose or their capacity allows. Therefore a younger child or person with lower capacity may start with a very simple Key but, because they can change it whenever they choose, the complexity of the Key can increase as the user’s age and capacity increase. This means that no user is barred from using DigiChek Keys, regardless of their capacity, because the complexity of the DigiChek Key is set by the user. In the same way, users with very high capacity can make their DigiChek Key as complex as they like and change it as often as they like so the system works in both directions. The ability of the user to set their own DigiChek Key and security questions also allows for cultural and linguistic variations because the user has complete control of their own security process.
The DigiChek system is not reliant on the user having any level of digital literacy or access to a device with a specific level of sophistication. It is comparable to a username / password process which is the simplest and most common online process with the highest level of familiarity for all users. This makes it user-friendly to any user with any level of digital literacy, from very young to very old. It is also a process that works on any level of device from legacy to the most up to date high tech. Most devices adapted for users with accessibility needs have the capacity for users to enter a user name and password as it is the most fundamental level of functionality and if the device is suitable for the user to enter a password then it is suitable for them to use a DigiChek Key so it does not rely on a user having a specific physical capacity either.
Lastly, the DigiChek solution does not require a specific device or a specific location or access to a particular level of connectivity. If the user is on a device with the ability to access the organisation that needs to confirm their age then they are able to use the DigiChek system to provide that confirmation.