Many might’ve seen the Australian ban of social media for <16 y.o with no idea of how to implement it. There have been mentions of “double blind age verification”, but I can’t find any information on it.

Out of curiosity, how would you implement this with privacy in mind if you really had to?

  • Buddahriffic@lemmy.world
    16 days ago

    Could have a system where a government site cryptographically signs a birth year plus random token provided by the site you want to use.

    Step 1: access site
    Step 2: site sends random token
    Step 3: user’s browser sends token plus user authentication information
    Step 4: gov site replies with a string containing birth year, token, and signature
    Step 5: send that string to the other site where it uses the government’s public key to verify the signature, showing the birth year is attested by the government

    No need to have any direct connection with the user’s identity and the site or between the gov and site.

    • Miaou@jlai.lu
      13 days ago

      Unless the government buys the generated tokens from those websites. That’s like the entire problem
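
The five-step exchange described in the thread, together with the log join the reply points at, as an added example that is not part of either comment. The class names, the sample credential and the toy RSA signature (a standard-library stand-in for a real scheme such as Ed25519) are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy textbook RSA so this runs on the standard library; public Mersenne
# primes and no padding, so it only illustrates the flow, never real use.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # government's private exponent

def _digest(msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

class Government:
    def __init__(self):
        self.citizens = {"alice-credential": 1990}  # constructed sample data
        self.log = []  # what the government side is able to retain

    def attest(self, credential: str, token: str) -> str:
        year = self.citizens[credential]  # step 3: user authenticates
        self.log.append((credential, token))
        payload = f"{year}|{token}"
        sig = pow(_digest(payload.encode()), D, N)
        return f"{payload}|{sig:x}"  # step 4: birth year, token, signature

class Site:
    def __init__(self):
        self.pending, self.log = set(), []

    def challenge(self) -> str:  # step 2: fresh random token
        token = secrets.token_hex(16)
        self.pending.add(token)
        return token

    def verify(self, attestation, session, min_age, this_year) -> bool:
        try:  # step 5: check signature with the public key (E, N)
            year, token, sig = attestation.split("|")
            ok = pow(int(sig, 16), E, N) == _digest(f"{year}|{token}".encode())
            age = this_year - int(year)  # birth year only, so approximate
        except ValueError:
            return False
        if not ok or token not in self.pending:
            return False  # forged, altered, unknown or replayed
        self.pending.discard(token)  # one use per token
        self.log.append((session, token))
        return age >= min_age

def correlate(gov, site):
    """Join both logs on the shared token, the linkage the reply describes."""
    by_token = {t: c for c, t in gov.log}
    return [(by_token[t], s) for s, t in site.log if t in by_token]
```
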