Back
Australia’s new under-16 social media restrictions are now live. Platforms are required to take reasonable steps to prevent users under 16 from holding accounts – with serious penalties for non-compliance.
This raises a fundamental question:
How do you reliably determine whether someone is 16+
- without building a central face database,
- without transmitting or storing sensitive images, PII or IDs, and
- without triggering user and parental-consent workflows that are cumbersome to the user experience?
At PrivateID, we address this with our privacy-preserving, on-device age assurance solutions consisting of Facial Age Estimation (FAE) and Age Verification (selfie + Government ID) – architected so that all processing happens directly on the user’s own device. As no images or PII are ever transmitted from the user’s device, user consent, including parental consent for minors under COPPA, is not required. (There is no persistent collection, storage, or sharing of personal data.) This delivers a seamless experience for teens and adults, while still supporting regulatory obligations and eliminating organizational risk from centralized sensitive data stores.
1) On-device Facial Age Estimation (selfie-based age estimation)
Our facial age estimation solution has been in production globally for over three years, supporting high-scale deployments and helping organizations meet diverse age-assurance and regulatory requirements across multiple jurisdictions.
- A quick selfie is processed entirely on-device; no image, template, or PII ever leaves the user’s device.
- On-device PAD liveness detection ensures the selfie image is not a spoof.
- The age estimation model running in the user’s browser or in the app is optimized for threshold-based decisions such as above or below 13, 16, 18, 21, etc., to support age-based regulations globally, including Australia’s latest under-16 social media rules.
- Our highly accurate facial age estimation solution is certified to EAL3 by the Age Check Certification Scheme (ACCS), providing independent assurance of robustness and performance across genders and ethnicities.
Because all processing is performed at the edge and no personal data is transmitted, the flow can be deployed without requiring user consent or parental consent for minors, while remaining compliant with privacy law obligations including COPPA.
2) On-device Age Verification (Selfie + Government ID)
When higher assurance is needed – or as a step-up for users close to critical age thresholds identified via facial age estimation – we support on-device selfie + government ID verification.
- The user captures a selfie and their government ID. All processing occurs locally on the device. No images or PII are transmitted.
- The selfie is matched to the photo on the ID, and age is derived from the date of birth (DOB) on the document. The facial matching and OCR data extraction models run instantly in the user’s browser or app to execute these checks fully on-device, with no transmission of images or PII.
- Only the user’s age derived from the DOB is returned to the organization.
- Again, because no personal data leaves the device, user consent or parental consent for minors is not required while remaining COPPA-compliant.
3) Robust Liveness / PAD Built In
Both facial age estimation and age verification solutions include patented on-device liveness detection, successfully passing and conforming to ISO/IEC 30107-3 iBeta PAD Level 1 and 2 presentation attack testing.
4) Regulator-Ready, Globally
PrivateID’s on-device age assurance solutions give companies a single, privacy-preserving foundation to:
- Satisfy Australia’s under-16 social media restrictions
- Align with the EU Digital Services Act (DSA) and its expectations for proportionate, privacy-focused age assurance
- Support UK Online Safety Act obligations for robust age checks on adult content and other high-risk or harmful online services
- Address emerging US state-level social media and youth safety laws that mandate effective age verification and protections for minors
- Enforce age gates for regulated digital products and content – such as gambling, gaming, alcohol, and adult entertainment – where strong age checks are already required or rapidly becoming mandatory
Our privacy-preserving, on-device technology helps organizations meet Australia’s new under-16 social media rules and broader global age requirements with strong assurance and edge-only processing—delivered without user or parental consent friction—enabling companies to stay ahead of a rapidly evolving landscape of age-based regulation.