What are you really checking?

Identity Documents

Checking facial recognition using photo identification such as drivers license or passport:
  • The face of the user holding the device matches the face on the document they have uploaded
  • The data on the provided on the document matched the date held on the government system.
Did you actually check the age and/ or identity of the user?

NO

Issues

  • You have not confirmed the person uploading the data is the person on the original document, only that the person uploaded the data matches the picture on the document they are holding.

Credit Reference Agencies And Other Private Sector Databases

Age confirmation by querying credit reference agency databases to confirm name, address and date of birth provided are accurate:
  • That the person whose details the user is providing is over 18
  • That the user is at (or near) the claimed address
Did you actually check the age and/ or identity of the user?

NO

Issues

  • You cannot tell if the details provided actually belong to the person who is providing them.
  • You cannot tell that the person entering the information is actually resident of the address are not simply their own nearby and this severely limits people who need to confirm age when they are away from home.

Age Estimation By Biometric Analysis

AI analysis of facial features to estimate age:
  • The estimated age of the image provided within a two year buffer
Did you actually check the age and/ or identity of the user?

NO

Issues

  • AI is rapidly becoming better at masking and adapting facial features on live and static images than it is at recognising when an image has been doctored.

Provision Of Credit Card Details

Providing a valid credit card number assumes the user is over 18, sometimes combined with the payment authorization or micro payment.

  • That the credit card information provided is valid
Did you actually check the age and/ or identity of the user?

NO

Issues

  • All you have checked is that a person over the age of 18 owns a valid credit card but you have not confirmed, in any way, who is using the credit card for the current transaction

Biometric Age And/ Or Identity Verification

Checking a unique biometric feature of an already enrolled user
  • The age or identity of somebody has already been verified using another process
Did you actually check the age and/ or identity of the user?

NO

Issues

  • You are relying on the user's device and assuming the biometrics of the users devices secure comment you are not verifying the identity of the actual user there are already systems that can spoof biometrics

DigiChek Key

  • Users undertake one time cover in person verification to create their personal DigiChek Key
  • The site organisation registers with DC
  • The user creates an account with that organisation or site using their name, date of birth and place of birth
  • The user creates a login ID with the site organisation and uses that with their DigiChek Key to access the system
That the person accessing the content is the sameperson who was originally verified face to face whenthey created their DigiChek Key
Did you actually check the age and/ or identity of the user?

YES!

Issues

  • The only way a user cannot be the same person as the one verified when the DigiChek Key was created is it that user has not really given that DigiChek Key to another person and liability lies with the fraudulent user as users are solely responsible for the security of the DigiChek Key because nobody but the user ever knows it