AffixIOAFFIXIO
Contact

At a glance

Product
Zero-knowledge age threshold proofs
Scope
Social platforms, retail, hospitality
Outcome
Signed YES or NO without date of birth at verifier
Regulation
Online Safety Act proportionate assurance
Witness
Passport, licence, or bank-derived age signals
Retention
No standing age database at verifier

The gap

Age gates became identity harvests

The Online Safety Act requires proportionate age assurance for high-risk content. Many implementations upload passport scans and dates of birth to the platform, creating a new PII liability.

Users reasonably resist handing their identity to every streaming service, marketplace, and social app they visit.

Zero-knowledge age checks split the problem: prove threshold eligibility, reveal nothing else.

18+
Threshold circuits for 13+, 16+, and 18+ gates. Configurable at issue time without code changes.
0 DOB
Date of birth does not reach the content platform. Verifier sees YES or NO only.
OSA
Designed for UK Online Safety Act proportionality. Merkle audit for regulatory evidence.

Architecture

Upload ID vs ZK age proof

Document upload
  • Platform stores passport scans and DOB
  • New breach surface for identity documents
  • Users share full identity per platform
  • Audit is access logs, not cryptographic proof
  • Re-verification repeats the data transfer
AffixIO ZK age check
  • Verifier receives YES or NO only
  • Witness data stays at issuer or on device
  • Reusable proof within expiry window
  • Merkle audit on every gate crossing
  • Multiple document types as witness sources

What the verifier sees

  • ✓ Signed YES or NO for age threshold
  • ✓ Proof expiry timestamp
  • ✓ Issuer trust reference
  • ✓ Merkle audit digest

What stays hidden

  • Date of birth
  • Full name
  • Document number
  • Document image
  • Home address

Capabilities

What the age circuit proves

Threshold

Age band proof

Prove user is at or above 13, 16, or 18 without revealing exact age.

Witness

Document sources

Passport, driving licence, national ID, or bank-derived age as circuit inputs.

Expiry

Time-bound proofs

Short-lived age attestations. Re-proof on expiry without re-uploading documents.

Issuer

Trusted attestors

Age proofs from approved identity providers carry issuer signatures.

Audit

Merkle evidence

Every age gate decision appendable to tamper-evident audit tree.

Stateless

No standing profile

Platform holds eligibility result, not a persistent identity record.

Integration

Four steps to privacy-preserving age gates

01

Select threshold

Choose 13+, 16+, or 18+ circuit from the age verification catalogue.

02

Collect witness

User verifies identity once with an approved issuer. Witness stays off-platform.

03

Prove and verify

Generate ZK proof. Platform receives signed YES or NO at the content gate.

04

Audit

Append decision digest to Merkle tree. Export for ICO or Ofcom evidence requests.

Where it applies

Age check scenarios

Social platforms

Online Safety Act age assurance without building a national DOB database.

Streaming services

18+ content gates with minimal data collection at the provider.

Online gaming

Age-appropriate matchmaking and spend limits with threshold proofs.

Marketplaces

Age-restricted product categories verified without storing ID scans.

Dating apps

18+ entry requirement with no persistent identity profile at the app.

Alcohol delivery

18+ proof at checkout. Courier sees YES, not the customer's passport.

Age assurance without another identity vault

The UK Online Safety Act pushes platforms toward highly effective age assurance (HEAA). Uploading government ID to every content provider creates retention risk and user friction. Zero-knowledge threshold proofs let a platform learn only what policy requires, for example over 18, without receiving date of birth or document images.

AffixIO sits at the allow or deny boundary. Witnesses can come from age estimation vendors, document issuers, or programme-specific eligibility sources. The verifier checks the proof, not the underlying attributes.

Mapping to Ofcom four criteria

Procurement teams should score methods against accuracy, inclusivity, privacy, and effectiveness. Use the age assurance scorer as a planning aid, then reproduce flows in the sandbox. Legal interpretation remains with counsel; this page supports engineering evidence.

Part 3 vs Part 5 duties

Publisher duties under Part 5 may require stricter gates than Part 3 user-to-user services. The OSA scope checker helps classify service type before architecture lock-in. See the full Online Safety Act guide.

Compare: age check vs ID upload, verification vs age vendor. Reviewed 12 July 2026.

Frequently asked questions

Does the verifier see the user's date of birth?

No. The verifier receives a signed YES or NO that the user meets the age threshold. Date of birth and document images stay at the issuer or on the user's device.

Is this compatible with the Online Safety Act?

AffixIO age circuits support proportionate age assurance. Platforms receive a binary eligibility result with Merkle audit, without building a standing age database.

What identity sources can feed the proof?

Passport, driving licence, national ID, or bank-derived age signals. The circuit proves threshold eligibility without revealing the underlying record.

Can age checks run in the sandbox?

Yes. The sandbox includes age threshold circuits with test witness data for prove and verify flows.

Run an age threshold proof

Test 18+ circuits in the sandbox, then scope a pilot with your compliance team. Field note: Online Safety age verification.