AFFIXIO
Prove age without storing DOB
Platforms need to know if a user is over 18, not their full identity profile. AffixIO returns a signed YES or NO from a zero-knowledge age circuit. The verifier never holds date of birth. Read the age verification sector guide, our Online Safety field note, or test circuits in the sandbox.
At a glance
- Product
- Zero-knowledge age threshold proofs
- Scope
- Social platforms, retail, hospitality
- Outcome
- Signed YES or NO without date of birth at verifier
- Regulation
- Online Safety Act proportionate assurance
- Witness
- Passport, licence, or bank-derived age signals
- Retention
- No standing age database at verifier
The gap
Age gates became identity harvests
The Online Safety Act requires proportionate age assurance for high-risk content. Many implementations upload passport scans and dates of birth to the platform, creating a new PII liability.
Users reasonably resist handing their identity to every streaming service, marketplace, and social app they visit.
Zero-knowledge age checks split the problem: prove threshold eligibility, reveal nothing else.
Architecture
Upload ID vs ZK age proof
- ✕ Platform stores passport scans and DOB
- ✕ New breach surface for identity documents
- ✕ Users share full identity per platform
- ✕ Audit is access logs, not cryptographic proof
- ✕ Re-verification repeats the data transfer
- ✓ Verifier receives YES or NO only
- ✓ Witness data stays at issuer or on device
- ✓ Reusable proof within expiry window
- ✓ Merkle audit on every gate crossing
- ✓ Multiple document types as witness sources
What the verifier sees
- ✓ Signed YES or NO for age threshold
- ✓ Proof expiry timestamp
- ✓ Issuer trust reference
- ✓ Merkle audit digest
What stays hidden
- Date of birth
- Full name
- Document number
- Document image
- Home address
Capabilities
What the age circuit proves
Age band proof
Prove user is at or above 13, 16, or 18 without revealing exact age.
Document sources
Passport, driving licence, national ID, or bank-derived age as circuit inputs.
Time-bound proofs
Short-lived age attestations. Re-proof on expiry without re-uploading documents.
Trusted attestors
Age proofs from approved identity providers carry issuer signatures.
Merkle evidence
Every age gate decision appendable to tamper-evident audit tree.
No standing profile
Platform holds eligibility result, not a persistent identity record.
Integration
Four steps to privacy-preserving age gates
Select threshold
Choose 13+, 16+, or 18+ circuit from the age verification catalogue.
Collect witness
User verifies identity once with an approved issuer. Witness stays off-platform.
Prove and verify
Generate ZK proof. Platform receives signed YES or NO at the content gate.
Audit
Append decision digest to Merkle tree. Export for ICO or Ofcom evidence requests.
Where it applies
Age check scenarios
Social platforms
Online Safety Act age assurance without building a national DOB database.
Streaming services
18+ content gates with minimal data collection at the provider.
Online gaming
Age-appropriate matchmaking and spend limits with threshold proofs.
Marketplaces
Age-restricted product categories verified without storing ID scans.
Dating apps
18+ entry requirement with no persistent identity profile at the app.
Alcohol delivery
18+ proof at checkout. Courier sees YES, not the customer's passport.
Age assurance without another identity vault
The UK Online Safety Act pushes platforms toward highly effective age assurance (HEAA). Uploading government ID to every content provider creates retention risk and user friction. Zero-knowledge threshold proofs let a platform learn only what policy requires, for example over 18, without receiving date of birth or document images.
AffixIO sits at the allow or deny boundary. Witnesses can come from age estimation vendors, document issuers, or programme-specific eligibility sources. The verifier checks the proof, not the underlying attributes.
Mapping to Ofcom four criteria
Procurement teams should score methods against accuracy, inclusivity, privacy, and effectiveness. Use the age assurance scorer as a planning aid, then reproduce flows in the sandbox. Legal interpretation remains with counsel; this page supports engineering evidence.
Part 3 vs Part 5 duties
Publisher duties under Part 5 may require stricter gates than Part 3 user-to-user services. The OSA scope checker helps classify service type before architecture lock-in. See the full Online Safety Act guide.
Compare: age check vs ID upload, verification vs age vendor. Reviewed 12 July 2026.
Frequently asked questions
Does the verifier see the user's date of birth?
No. The verifier receives a signed YES or NO that the user meets the age threshold. Date of birth and document images stay at the issuer or on the user's device.
Is this compatible with the Online Safety Act?
AffixIO age circuits support proportionate age assurance. Platforms receive a binary eligibility result with Merkle audit, without building a standing age database.
What identity sources can feed the proof?
Passport, driving licence, national ID, or bank-derived age signals. The circuit proves threshold eligibility without revealing the underlying record.
Can age checks run in the sandbox?
Yes. The sandbox includes age threshold circuits with test witness data for prove and verify flows.
Run an age threshold proof
Test 18+ circuits in the sandbox, then scope a pilot with your compliance team. Field note: Online Safety age verification.