← Back to context

Comment by jbjbjbjb

2 days ago

Apple, Google etc are already implementing the Digital Credentials API standard which would make this type age verification much more secure.

8 comments

jbjbjbjb

Reply
codedokode  1 day ago

No, "digital credentials" is an awful idea because it requires to store your ID on your phone and thus make it accessible to Apple and Google and secret courts. What I suggest is simply to store a single "isAdult" bit on device, without revealing any identity, and make apps like browser do the censorship on device, without sending any data to a webite. The algorithm is as follows:

    if isAdult == 0 and website doesn't send a "safe-content" header, then:
        browser refuses to display content
    if isAdult == 0 and photo in a messenger doesn't contain a "safe-content" metadata, then
        photo viewer refuses to display content
    if isAdult == 0 and the app is not marked as safe, then
        app store refuses to download the app and OS refuses to launch it

With my approach, you don't need to store your ID on your device, you don't need to send your ID anywhere, and website operators and app developers do not need to do anything because by default they will be considered not safe. So my solution's cost is ZERO for website operators and app developers. As a website operator you don't need to change anything and to verify the age.

  • jbjbjbjb  1 day ago

    I think you misunderstood how the digital credentials api works. It keeps it in your phone’s secure element and lets you share just a “yes/no” proof like “over 18” without revealing anything else. It’s basically the cryptographically secure version of the isAdult bit you’re describing. It also has trust by cryptographically signing the proof and it can handle different jurisdictions.

    • codedokode  7 hours ago

      Not keeping the ID in a phone is better than keeping it in a "secure element" and having to upload it there using closed-sourced software with unclear functionality.

      1 reply →

  • _Algernon_  1 day ago

    What stops the under age user from setting isAdult = 1?

    • imtringued  1 day ago

      Their parents. The alternative is complete government surveillance of literally everything and I mean literally everything, starting from resource extraction and knowledge needed to manufacture electronics and the policing of every planet in the universe that is capable of giving rise to sentient intelligent life.