Age Verification Without Storing PII: Zero-Knowledge Approaches
Research Source
Discord's implementation of age verification has triggered significant user backlash due to PII retention concerns. Users are required to submit government-issued IDs or biometric data (face scans) for age verification, which Discord or its verification partner then stores. The fundamental objection: users want to prove they are over 18 without permanently surrendering government IDs and biometric data to a platform that has already experienced data breaches.
Executive Summary
Age verification systems that store government IDs and biometric data create permanent privacy risks. Users rightly object to surrendering PII to prove a binary fact (over/under 18). Zero-knowledge approaches can verify age without retaining any personal data.
anonymize.solutions combines zero-knowledge authentication with PII anonymization, enabling verification workflows that confirm attributes (age, identity) without storing the underlying personal data.
The Problem: Verification Requires PII; Storage Creates Risk
Age verification is a yes/no question: is this person over 18? Answering it traditionally requires collecting a government ID, extracting the date of birth, calculating the age, and returning the result. The problem is what happens to the government ID after verification. Platforms store the document, creating a centralized repository of government IDs that becomes a high-value target for attackers. The Persona breach (70K government IDs) demonstrates the real-world consequence. Users face a binary choice: surrender their most sensitive PII for permanent storage, or lose access to age-gated content.
Irreducible truth: Verification is a function: input (PII) → output (boolean). Once the function runs, the input is no longer needed. Any system that retains the input after producing the output is storing data unnecessarily, violating data minimization principles.
The Solution: How anonymize.solutions Addresses This
Zero-Knowledge Verification Flow
anonymize.solutions' ZK auth architecture demonstrates the principle: prove a property (authentication, age) without revealing or storing the underlying data. The Argon2id-based ZK protocol verifies identity without the server ever possessing the password. The same principle applies to age verification — verify the attribute without retaining the document.
Anonymize-Then-Verify Pattern
In a zero-knowledge age verification workflow: (1) User submits date of birth or ID document, (2) anonymize.solutions extracts the date of birth, (3) the system calculates the age, (4) the result (over/under 18) is stored, (5) the original document and date of birth are immediately anonymized or deleted. Only the boolean result persists — no PII is retained.
Enterprise SSO Integration
For enterprise deployments, anonymize.solutions integrates with existing SSO (SAML, OIDC) providers. Age verification attributes can be derived from HR systems and passed through SSO claims without creating additional PII storage. The anonymization API can process HR data to extract age attributes before passing them to the verification system.
ZK Age Verification vs. Traditional ID Storage
| Aspect | anonymize.solutions ZK Approach | Traditional ID Storage |
|---|---|---|
| PII retained after verification | None — only boolean result | Government ID, biometric data |
| Breach exposure | Boolean (over/under 18) | Full government IDs |
| GDPR data minimization | Compliant — minimum data retained | Non-compliant — excessive retention |
| User trust | High — no PII stored | Low — PII permanently stored |
| Re-verification | Repeat ZK proof (no storage needed) | ID already on file |
| Attack value | None — boolean is worthless | High — government IDs are valuable |
Compliance Mapping
This pain point intersects with GDPR Article 5(1)(c) (data minimization), GDPR Article 5(1)(e) (storage limitation), UK Age Assurance Standards, and the EU Digital Services Act (age verification requirements). Zero-knowledge age verification is the gold standard for data minimization — it proves the attribute without retaining the evidence.
anonymize.solutions's GDPR, HIPAA, PCI-DSS, ISO 27001, SOC 2 compliance coverage, combined with Customer-selected (SaaS: Hetzner DE, Private: dedicated, Self-Managed: on-prem) hosting, provides documented technical measures organizations can reference in their compliance documentation.
Product Specifications
| Specification | Value |
|---|---|
| Entity Types | 260+ |
| Detection | 3-layer hybrid: Presidio + NLP + Stance classification |
| Test Coverage | 100% (419/419 tests) |
| Languages | 48 |
| Anonymization Methods | Replace, Redact, Mask, Hash, Encrypt (AES-256-GCM) |
| Platforms | SaaS, Managed Private Cloud, Self-Managed On-Premises |
| Pricing | Enterprise (custom) |
| Hosting | Customer-selected (SaaS: Hetzner DE, Private: dedicated, Self-Managed: on-prem) |
| Compliance | GDPR, HIPAA, PCI-DSS, ISO 27001, SOC 2 |