Announcement

Build bespoke age verification with Persona

When thinking about age verification, balancing regulations and privacy can seem overwhelming. That’s why we’re launching a configurable age verification solution built to serve the needs of your business.

Green background with an icon of people in the center
Last updated:
9/4/2024
Read time:
Share this post
Copied
Table of contents
⚡ Key takeaways

We all know that age verification isn’t a new concept — bars and restaurants have been verifying customers’ ages for a long time. So why isn’t it widespread online?

There’s certainly a desire for online age verification. Pew Research recently reported that 71% of US adults and 56% of teens support requiring people to verify their age before using social media sites. Regulators are also working to protect their constituents. Governments are shifting away from self-attestation and beginning to require higher-assurance age verification methods to access alcohol, tobacco, and adult entertainment sites. And in the social media and gaming industries, governments have recently started setting minimum ages and requiring age verification for account access. If you’d like to learn more about navigating global age verification regulations, check out our blog or feel free to download our ebook.

For people (like you!) who are responsible for managing your company’s online age verification processes, balancing regulations and privacy requirements with the needs of the business can seem like an overwhelming task. That’s why we’re launching a configurable age verification solution built with Persona’s dynamic identity platform to help serve the needs of your business, no matter what size you are or what verticals or geographies you operate in. Read on to learn more.

eBook
Learn how to navigate the age verification landscape
Get the book

Age verification challenges

As you look to add age verification to your business, you’ll run into three challenges. First, you’ll have to comply with complex age verification regulations around the world. You’ll also have to comply with equally complex privacy regulations. And while you ensure compliance, you’ll still need to provide users with a streamlined experience.

Age verification regulations are complex

Regulators often focus on two criteria for age verification: the age threshold for a given product or service and the method of verifying someone’s age against that threshold.

It may sound straightforward to enforce an age threshold. Yet businesses that operate in multiple regions will need to map different sets of thresholds across jurisdictions, use cases, and industries. For example, Utah’s Minor Protection in Social Media Act sets the age threshold for social media access to 18, while a similar law in Georgia sets the threshold to 16. In the UK, the Online Safety Act requires a wide variety of online platforms to keep children under 13 off of their services. 

Adding to this complexity, regulations in different jurisdictions specify different acceptable means to verify age. In the UK, for example, performing a credit card swipe can offer enough assurance in certain cases to determine that an individual is at least 18, but other countries may not follow the same practices. In the US, the Protecting Georgia's Children on Social Media Act of 2024 doesn’t list specific methods, but states that businesses must “verify the age of account holders with a level of certainty appropriate to the risks."

In short, regulations require you to enforce the right age thresholds in each jurisdiction, but they often leave it to you to decide how to actually enforce them.

Privacy regulations add to the complexity

Because verifying someone’s age requires collecting user information, you also need to comply with privacy regulations. The specific privacy requirements depend on the jurisdiction, the user’s age, and the verification methods you use, but some examples of important considerations are:

  • Data deletion: Louisiana Act 440, which requires age verification to protect minors from harmful content, prohibits businesses from retaining users’ information after verifying their age.
  • Parental consent: According to the Children’s Online Privacy Protection Act (COPPA) in the US, websites need to collect verifiable parental consent prior to collecting data from children under 13 (this may soon increase to 16).

To reduce the risk of hefty fines, bad press, and lost user trust, your business should make sure it adheres to privacy best practices while complying with age verification regulations.

Users demand a streamlined experience

Finally, you need to balance conversion and risk on a per-user basis. If you require too many checks or verifications, your users will get frustrated. Conversely, if you make the experience too seamless, you risk providing access to underage users or running afoul of regulations.

It’s tricky to find the right balance between regulatory compliance, user experience, and your business objectives. An ideal age verification experience will present the right amount of friction to verify a user’s age at the right time. Even the same user might need a different flow depending on what they’re trying to do, their physical location at the time they attempt to verify their age, and other factors.

Example: Imagine a business that offers bike rentals in urban areas. Regulations may require them to collect a government ID for age verification. Depending on the business’s risk tolerance, they may be willing to automatically approve certain ID submissions if the user looks well above the minimum age to ride.

Furthermore, if their population uses predominantly low-end devices, the business should configure the image quality checks associated with the government ID verification such that they’re approving as many applicants as possible while keeping risky applicants out.

Example:

Imagine a business that offers bike rentals in urban areas. Regulations may require them to collect a government ID for age verification. Depending on the business’s risk tolerance, they may be willing to automatically approve certain ID submissions if the user looks well above the minimum age to ride. Furthermore, if their population uses predominantly low-end devices, the business should configure the image quality checks associated with the government ID verification such that they’re approving as many applicants as possible while keeping risky applicants out.

Free guide
Learn about age verification's biggest challenges — and how to find a solution that meets your needs
Download now

Introducing Persona’s configurable age verification solution

Given the considerations above, any business that needs to verify their users' ages will need a solution tailored to their unique mix of population, regulatory requirements, and risk tolerances. Whether you leverage Persona’s government ID, database, or selfie verifications, you can build a customized age verification system that’s molded around your unique business needs, while simultaneously protecting your users’ privacy and giving them a great user experience.

Meet regulatory requirements in a way that’s best suited for you

To suit your specific needs, Persona’s platform gives you the power to configure things at two levels: the overall flow level and individual verification level.

At the flow level, you can leverage Dynamic Flow to sequence different verifications that meet your requirements while providing an optimal user experience. For instance, businesses that want to take a stricter approach to age verification can set up a government ID and selfie verification flow, whereas other businesses may opt to leverage selfie age estimation first, and then perform a government ID step-up verification if the user falls above or below a risk threshold.

At the verification level, you can configure each of Persona’s government ID, database, and selfie verifications with granular settings for collection requirements, fraud checks, and fallbacks. For example, a US-based gaming company launching their first game may start with only accepting US and Canadian IDs, while leveraging looser match requirements against the submitted account information as they learn about their initial users. A seasoned international gaming company, in contrast, might accept IDs around the world and leverage stricter match requirements against account information to deter high-risk or prohibited users. Each of Persona’s verifications comes with a diverse set of checks, allowing you to sift out risky users right from the start.

Finally, these configurations don’t need to be static: easily adapt your configurations as your requirements shift over time without engineering resources by leveraging our Dashboard and Flow Editor products.

“Lime is a global company. We have a lot of different use cases — everything from the types of documents we accept to local regulations and the types of data we need to collect. Persona’s customizability stood apart — it was the best, most flexible option to meet all of our different needs.”
Anissa Chen
Senior product manager at Lime

Protect your users’ privacy as you comply with age verification regulations

Persona allows you to fine-tune your privacy controls for each jurisdiction you operate in at every level of the product, from global redaction policies down to specific product configurations. Our platform enables you to handle users’ consent and manage the data you collect with fine-grained retention and redaction controls–all without making code changes.

For example, with Dynamic Flow, you can request and record users’ consent prior to collecting their data, prevent the collection of PII from prohibited age groups, and set real-time auto-redaction policies for users under certain age thresholds. You can also enforce policies to retain and redact specific PII fields based on your desired cadence. At the government ID level, you can configure censoring policies so you don’t collect certain PII in the first place. And if you’re using a lightweight selfie age estimation flow, you can opt to auto-redact the user’s selfie once you verify their age.

These are just a few ways Persona enables you to implement fine-grained auto-redaction policies to protect your users’ data — and yourself. 

Minimize drop-off while maintaining compliance in real time

Each of your users is unique. Not only will they have different appetites for friction and levels of tech savviness, but they will also be using different devices in a range of contexts with varying lighting conditions and other environmental factors that can influence input hygiene (typos) and image quality (blurry photos).

Persona’s age verification solution enables you to create user flows that ask users only for the information that’s necessary and customized to their specific context, leveraging built-in step up verification that can be triggered by the information a user submits. For instance, you can configure a selfie age estimation flow so a user only has to submit their government ID if their estimated age is below a risk threshold.

Finally, apply your own branding, theming, and UI instructions so the experience feels native and engenders more trust by making it as easy for users to submit the right information and get real time feedback.

“With Persona, we can check government IDs and selfie liveness in real time to make sure users are the right age and cross reference multiple risk signals to help us figure out whether to approve or decline users.”
JJ Foster
Trust and safety manager at Coffee Meets Bagel

Balance compliance, privacy, and conversion with a tailored age verification approach

While regulators have been paying more attention to online restricted goods, social media, and gaming, this is likely the starting point of a much larger trend, one in which verifying people’s identities — or at least parts of people’s identities (age, geography, etc) — becomes an increasingly important focus of online regulations around privacy and security. As the internet grows, it will require more and more businesses to tackle these issues in a structured, forward-thinking way.

As Persona, we’ve long believed that while you can’t predict the future, you can plan for it by building an approach to age verification — if not identity verification as a whole — that is adaptable and robust enough to help you handle changing regulations, and the changing needs of your business. 

Ready to get started? Take a closer look at our age verification capabilities, and talk to a Persona expert today.

Disclaimer: The information provided is not intended to constitute legal advice; all information provided is for general informational purposes only and may not constitute the most up-to-date information. Any links to other third- party websites are only for the convenience of the reader.

Published on:
8/15/2024

Frequently asked questions

No items found.

Continue reading

Continue reading

Onboard businesses globally with Persona's international KYB solution
Onboard businesses globally with Persona's international KYB solution
Announcement

Onboard businesses globally with Persona's international KYB solution

Streamline global business onboarding with Persona's international KYB solution, ensuring compliance and a seamless experience across borders.

Faster verifications and less risk with Reusable Personas
Faster verifications and less risk with Reusable Personas
Announcement

Faster verifications and less risk with Reusable Personas

Verify more users while assessing more risk signals with reusable identities.

Fight fraud at every angle with Persona
Fight fraud at every angle with Persona
Announcement

Fight fraud at every angle with Persona

Introducing new capabilities to help fight complex fraud.

Age verification system: How to add it into your business
Industry

Age verification system: How to add it into your business

Any business that sells age-restricted products, provides access to age-gated activities, or delivers services that require adult consent must verify ages. Learn more.

From clicks to compliance: Mastering age verification online
Industry

From clicks to compliance: Mastering age verification online

Age verification is an important part of protecting online minors. Learn more about the how and why behind age verification for online platforms.

From fraud to fairness: Leveraging KYC and age verification for online gaming
Industry

From fraud to fairness: Leveraging KYC and age verification for online gaming

KYC can help keep online gamers of all ages safe and reduce fraud. Learn how KYC and age verification can benefit your gaming platform.

Ready to get started?

Get in touch or start exploring Persona today.