Age Verification Without Storing PII

Evidence & Data Points

• Discord's implementation of age verification has triggered significant user backlash due to PII retention concerns. Users are required to submit government-issued IDs or biometric data (face scans) for age verification, which Discord or its verification partner then stores. The fundamental objection

Solution

The Solution: How anonymize.solutions Addresses This Zero-Knowledge Verification Flow anonymize.solutions' ZK auth architecture demonstrates the principle: prove a property (authentication, age) without revealing or storing the underlying data. The Argon2id-based ZK protocol verifies identity without the server ever possessing the password. The same principle applies to age verification — verify the attribute without retaining the document. Anonymize-Then-Verify Pattern In a zero-knowledge age verification workflow: (1) User submits date of birth or ID document, (2) anonymize.solutions extracts the date of birth, (3) the system calculates the age, (4) the result (over/under 18) is stored, (5) the original document and date of birth are immediately anonymized or deleted. Only the bool

Try Free

Compliance Context

Compliance Mapping This pain point intersects with GDPR Article 5(1)(c) (data minimization), GDPR Article 5(1)(e) (storage limitation), UK Age Assurance Standards, and the EU Digital Services Act (age verification requirements). Zero-knowledge age verification is the gold standard for data minimization — it proves the attribute without retaining the evidence. anonymize.solutions's GDPR, HIPAA, PCI-DSS, ISO 27001, SOC 2 compliance coverage, combined with Customer-selected (SaaS: Hetzner DE, Private: dedicated, Self-Managed: on-prem) hosting, provides documented technical measures organiza