Verification methods
Age verification is a critical component of digital compliance, ensuring users meet minimum age requirements for accessing certain content, features, or services. These verification methods are used throughout all the supported flows of the CDK (Compliance Development Kit). k-ID's age verification methods serve two primary purposes: verifying a user's age to determine access to age-appropriate features or content, and verifying that a user is a trusted adult when a digital minor is seeking trusted adult consent.
k-ID provides a comprehensive suite of age verification methods that balance security, user experience, and regulatory compliance. By leveraging multiple verification providers and technologies, k-ID automatically selects the most appropriate verification methods based on jurisdiction requirements and user circumstances.
How k-ID verification works
k-ID's age verification system is flexible and intelligent, incorporating various verification techniques automatically selected based on jurisdiction requirements, user demographics, and assurance levels needed. You can configure which verification methods are enabled through the Compliance Studio.
The system is privacy-focused. k-ID doesn't store private data or images from the verification process. It simply confirms whether users meet defined age thresholds (adult or digital youth) according to their jurisdiction's requirements, minimizing data collection while maintaining robust verification capabilities.
Universal age verification methods
These verification methods are available across multiple jurisdictions and provide broad coverage for age verification requirements.
📄 ID scan verification
ID scan verification uses advanced document verification technology provided by Veratad to authenticate government-issued identification documents including passports, driver's licenses, and national ID cards.
Users simply photograph their ID document with their device's camera. The system analyzes the document to verify authenticity and extract age information. Enhanced security implementations might also require a face scan to confirm the user's face matches the photo in the ID document.
This method is highly effective because government-issued IDs undergo rigorous verification processes before being issued, making them reliable age sources. The technology detects security features and tampering signs, providing strong fraud protection.
📸 Facial age estimation scan
Facial age estimation provides a user-friendly verification method where users verify their age by scanning their face with their device's camera. This privacy-preserving technology uses AI to estimate age categories without storing biometric data.
The process is simple. Users look into their camera and the system provides an age estimate within seconds. The technology provides an estimate of a user's age, and it's recommended to use age categories (adult or digital youth) as the criteria, rather than a precise age.
🔑 AgeKey
Age Key provides the lowest friction experience for repeat users. After successfully completing any other verification method, users can create an Age Key that serves as a reusable age credential for future verifications. Users can also create an AgeKey directly at AgeKey.org.
Once generated, this secure credential allows users to verify their age in subsequent interactions simply by sharing their Age Key rather than repeating the full verification process. Your Age Key is stored locally on your device and protected by your biometrics (Face ID, fingerprint, or device passcode). This significantly reduces friction while maintaining security and privacy for users who have already been verified once.
💳 Credit card verification
Credit card verification provides age verification through Stripe's secure payment processing, particularly in jurisdictions where card ownership is restricted to adults. Users provide credit card information, and a small charge might be made to validate their card is real. If charged, this amount is refunded within 14 business days.
The system uses Stripe's established payment infrastructure, ensuring financial data is handled with the highest security standards. This method only allows verification by using a credit card, as debit cards and pre-paid gift cards are available to younger users.
Testing credit card verification integration
While your product is in test mode, use the provided Stripe testing card numbers to cover all testing scenarios.
📧 Email address age estimation
Email address age estimation uses only an email address to estimate a user's age. Users provide their email and complete a one-time password verification to confirm ownership. The system analyzes the digital footprint associated with the email address to estimate age categories.
This method works by examining the digital history linked to an email address, which can indicate age ranges. The process typically completes within seconds and includes fraud prevention measures. It requires no ID scans, selfies, or credit card information, making it a simple alternative for age verification.
Region specific verification methods
Some age verification methods are tailored to specific jurisdictions, taking advantage of unique digital identity infrastructure and regulatory frameworks in those regions.
🇦🇺 ConnectID (Australia)
ConnectID is Australia's digital identity exchange operated by Australian Payments Plus. The service enables age verification by connecting users with identity providers they already have relationships with, such as their banks.
Users select their preferred identity provider (typically their bank) and authenticate using their existing banking credentials. They then consent to share specific information, such as confirmation that they're over 18, without revealing additional personal details.
ConnectID is accredited by the Australian Government as an identity exchange and operates within Australia's Trusted Digital Identity Framework. The service is supported by major Australian banks and functions as a data bridge without storing personal information.
Testing ConnectID Integration
When your k-ID product is in test mode, ConnectID presents fictional banks for selection during the verification process. To complete mock verifications, you can use any of these test account credentials:
| Bank | Username | Password |
|---|---|---|
| Capital | dev+user1@connectid.com.au | T3stUs3rs! |
| ABank | dev+user2@connectid.com.au | T3stUs3rs! |
| National | dev+user3@connectid.com.au | T3stUs3rs! |
| WBank | dev+user4@connectid.com.au | T3stUs3rs! |
These test accounts allow you to simulate the complete ConnectID verification flow and validate your integration before moving to live mode.
🇺🇸 Social Security number verification (United States)
For United States users, Social Security Number verification provides robust age verification by using government data systems. Users provide the last four digits of their Social Security Number along with their birth date, which is cross-referenced with authoritative government databases to confirm both identity and age.
This method is valuable for users who might not have driver's licenses or photo identification, providing an inclusive verification option that relies on widely held government-issued credentials.
🇸🇬 SingPass (Singapore)
SingPass is Singapore's national digital identity system that enables users to authenticate and consent to share verified attributes with relying parties. For age verification, users authenticate with SingPass and consent to share their date of birth (DOB). OpenAge uses the DOB to determine whether the user meets the configured age threshold, avoiding the need to store unnecessary personal data. This leverages the trusted government-backed ecosystem and strong security controls of SingPass.
🇰🇷 KISA identity verification (South Korea)
South Korea supports real-name and age verification through methods designated by the Korea Internet & Security Agency (KISA). Platforms can request user verification via one of several options: mobile phone (carrier) verification, credit card, or public certificate. For age checks, the provider returns the user's date of birth (DOB), which OpenAge uses to determine whether the user meets the required age threshold. These methods are standardized under South Korea's real-name verification regime and are widely used across online services.
Testing and development considerations
When developing with k-ID's age verification system, it's important to understand the distinction between test and live modes. In test mode, additional testing capabilities are automatically available to help developers validate their implementations. These testing features allow you to simulate various verification scenarios and outcomes without requiring users to complete actual verification processes.
Testing methods are designed to mirror the user experience of live verification while providing controlled outcomes for development purposes. This enables thorough testing of your integration before moving to production. However, these testing capabilities are automatically turned off when your product transitions to live mode, ensuring that only genuine verification methods are available to real users.
The testing environment allows you to validate different verification outcomes, test error handling, and ensure that your application properly processes verification results. This comprehensive testing capability helps ensure smooth deployments and reliable user experiences.
Choosing the right verification methods
k-ID's intelligent system automatically selects appropriate verification methods based on several factors including jurisdiction requirements, user demographics, and the level of assurance required. However, understanding the strengths of each method can help you optimize your age verification strategy.
For maximum coverage and user convenience, implementing multiple verification methods provides the best user experience. Users can choose the method that works best for their circumstances, whether they prefer the convenience of facial scanning, the security of document verification, or the simplicity of leveraging existing digital identity relationships.
The system's automatic selection ensures that users in different jurisdictions see methods that are both legally compliant and technically supported in their regions. For example, users in Australia might be offered ConnectID, and users in other regions might see universal methods such as ID scanning or facial age estimation.
Privacy and security
Throughout all verification methods, k-ID maintains a strong commitment to user privacy and data security. The system is designed to collect only the minimum information necessary to meet age verification requirements. Personal data and images aren't permanently stored, and verification results focus on age category determination rather than collecting detailed personal information.
This privacy-preserving approach aligns with global data protection regulations while providing businesses with the assurance they need to meet age verification requirements. By leveraging trusted third-party verification providers and established digital identity infrastructure, k-ID can provide robust verification capabilities without compromising user privacy.
The verification system also includes strong fraud prevention measures, using advanced technologies to detect manipulation attempts and ensure the integrity of the verification process. These security measures help protect both businesses and users from fraudulent activities while maintaining a smooth user experience.
Integration and Implementation
k-ID's age verification methods integrate seamlessly into existing applications and workflows through standardized APIs. The system handles the complexity of managing multiple verification providers and methods, presenting a consistent interface to developers while leveraging the most appropriate verification techniques behind the scenes.
The verification process is designed to be embedded naturally into user journeys, whether as part of account creation, feature activation, or content access. Results are delivered through both webhooks and JavaScript events, allowing applications to respond appropriately to verification outcomes and provide immediate feedback to users.
By understanding these various age verification methods and their appropriate use cases, developers can create more inclusive, secure, and compliant applications that meet the diverse needs of users across different jurisdictions and circumstances.