In this blog series, our CEO Robin Tombs will be sharing his experience, whilst focusing on major themes, news and issues in the world of identity verification and age assurance.
This month, Robin gives a preview of our upcoming facial age estimation white paper, responds to an inaccurate Washington Post article, and chats about our new integrations.
A sneak peak at our latest white paper
The latest Yoti facial age estimation model is an absolute banger. We’ll be publishing more detail in our next white paper soon but for those eager to better understand the accuracy for under/over 18s (a key age group for many businesses and regulators), here are some key results:
- Just 0.2% of 15-17 year olds would be incorrectly estimated to be over 25. This 0.2% is way lower than the percentage of 15-17 year olds who use a fake ID in shops or in the hospitality sector – but no government tests for this or publishes these test results!
- There is no material difference in false positive rates between males and females aged 15-17. And there is no material difference for 15-17 year olds across different skin tones.
Regulators could choose a threshold of 25 years for products like knives, alcohol and vapes and then suggest a lower threshold of 20 or 21 years for online adult content. This would minimise the chance of false positive rates (an underage person being incorrectly estimated as meeting the age threshold) for the most dangerous age-restricted goods, whilst helping the majority of adults to easily pass the age threshold.
Using a threshold of 21, approximately 96 percent (54m out of 56m) of UK adults could use Yoti facial age estimation to give high confidence they are an adult (over 18) without having to show any identity documents or share personal details like their name or date of birth. Yoti facial age estimation is the most popular and inclusive age checking method chosen by people around the world.
Response to inaccurate Washington Post article
A recent Washington Post article covered lots of important points on age assurance. However, it’s unfortunate that such a respected news publication has published a misleading story, leaving readers thinking that both facial age estimation and age verification with an ID document will “expose internet users to a style of surveillance that ranges from ‘somewhat privacy violating’ to ‘authoritarian nightmare.”
It seems that the story has been poorly written, mixing up different age checking methods. It’s important that journalists understand and clearly explain the clear difference between age verification with ID documents and facial age estimation. To bundle these two different methods together is like saying a motorbike is the same as a car. Yes they both get the driver from A to B, but they fundamentally work differently.
The article tells readers that age checks “boost the chances their personal data could be hacked, leaked or misused”. But with facial age estimation, this is incorrect. A facial image is assessed to determine the age or age range of a user and then it’s deleted. With this privacy-preserving method, no identity documents, names, date of births, addresses, mobiles phone numbers or credit card numbers are submitted. Because none of this data is involved in the age check, it can’t be hacked, leaked or misused.
Even if the journalist was talking about age checks with ID documents here (and not facial age estimation), this should have been made explicitly clear. It is unclear to just say ‘age checks’. Especially as some readers will not understand the difference between facial age estimation and using an ID document to prove their age.
Some of the language throughout the article is poor, for instance claiming faces are ‘surveyed’. Surveillance involves identifying individuals but facial age estimation does not identify any faces. It’s not facial recognition; something we made clear to the journalist prior to the article being published. And something NIST has helpfully clarified and explained.
The article includes a quote from Alex Stamos, the former security chief of Facebook, which uses Yoti, saying “most age verification systems range from ‘somewhat privacy violating’ to ‘authoritarian nightmare.” But the article doesn’t ask or report whether Stamos thinks Yoti facial age estimation is privacy violating. It instead just bundles all of the different age checking methods together.
The article says “critics argue that lawmakers hoping to shield kids could instead expose users of all ages to terrible risk, forcing them to hand over intimate details of their lives to companies that are largely unproven, unregulated and unknown.” But the article doesn’t clarify that:
- With facial age estimation, no intimate details of lives are being requested to meet laws for age-appropriate access.
- Facial age estimation does not require driver’s licences or sensitive data in vast quantities.
- It also does not ‘inspect everyone’. People will always choose to have their age estimated, and if they choose to do this, their age is assessed (not inspected).
- We have published the accuracy of facial age estimation for the last five years, to build trust and understanding in this technology.
Finally, suggesting Pornhub might have to pay $13m a day for age checks is woefully naive – again we provided accurate pricing information to the journalist before publication, but sadly some readers may believe the Washington Post.
It’s been very helpful that the Age Verification Providers Association responded to this article, to ensure misunderstandings are corrected and conclusions based on poor reporting are challenged.
This Washington Post article left readers misinformed, and more importantly negatively impacts the movement to improve safety for children online. But in a few years time, well regulated, privacy-preserving facial age estimation will keep hundreds of millions of children safer online. This article will look very dated and will lose credibility.
Introducing Yoti integrations
One of our guiding principles is to make Yoti available to anyone. To help achieve this, it’s important that businesses can quickly and easily use our products in the software they know and love.
Yoti now has over 70 no or low code integrations covering many of the most popular business software applications from the likes of Salesforce, Zoom, Google, Microsoft, Stripe, Xero, Shopify and many more.
Completing identity or age checks, or getting documents signed electronically, is now incredibly easy for businesses around the world.