I like that idea! Driving licence sharing to prove age. But looking at the link you showed, it looks like they'd need to do a load of form filling online - not a quick process.
Actually it is quite quick if you have your details to hand. You get a one use code at the end that you can share. The recipient needs the code and the last eight digits of you licence. They can then enter these on another Gov page and they get a summary of the licence. Noting that it does give the
full name of the driver. Otherwise it's all stuff useful if you were renting a car, but no other personal information (like DoB or address). It'll obviously say if the licence is provisional or not. So if not you can further assume the driver is at least 17. Anyhow it's not really intended for this, but it was something I knew about so mentioned.
Although that would mean paying money for Shufti as well so not much point doing the driving licence then - sorry. They already get an option to scan id with Shufti anyway if the face estimation fails.
That's not quite how it seemed to work during my trial. You could combine methods, but then they were chained together. Certainly when I was trying estimation only - that's all I got offered. I'd clarify with them to be sure. I'd also check the costs - estimation was the cheaper, but ID scans were more expensive. So even if it does "fall back" to that you might find your costs increase.
Why would anyone share their driving licence or NI number to use a website forum when they can register for free with Facebook and use a plethora of groups, even start their own, without jumping through hoops?
Bearing in mind most people are scam wary and would refuse to do so in the first place.
Indeed. Fundamentally the issue with any age-verification system. There are some where the checker simply gets a yes/no to the 18+ question, those do protect the privacy of the user from the forum site, but obviously not to the company doing the checks. Things like the Yoti/EasyID digital ID can offer that, but you have to accept giving your soul to that (the checking) company.
Even whilst trialing the systems I instinctively did not want to use my own ID or face!

Obviously Facebook fall under the same regulations, but they could tackle them via tools and moderators (and lawyers) instead. I think they do use Yoti however, but presumably not universally. The above example of the NI/Driving licence doesn't share those numbers with the end-website (ie the forum) it's only the Gov pages you input the data to (and they already know it!), but as mentioned the end-website would get a full name and 8 digits of your licence (along with knowing what you can drive, etc!).
From my testing it's a mix between the third party checking systems as to what data is retained and accessible. So Shufti for instance handled all the acquisition of the data - the forum wouldn't be anywhere near uploading scans of ID or anything like that, but in the backend for Shufti I can see a full picture of the ID, etc so I had more data than I needed. VerifyMyAge doesn't keep anything like that at least, but with the API I am using I need to submit name/address so the forum does have that information (via Paypal) it needs to eventually destroy (noting that a normal
delete user does not clear the data out of the payment log). I get the impression the OIDC based flows (like OneID) probably don't retain any information. I do rather wish the UK gov had built in OIDC age checking ahead of this act into things like HMRC, DWP and DVLA, etc. That would have been rather sensible to offer free checking. Although even then do I want the UK gov to know which websites I am registering with?
As a slight aside I know we were speculating about the mobile phone age checking and how that worked and if it was vulnerable to adults just giving children phones that are in their name. The
Ofcom documentation says:
Each of the UK’s MNOs have agreed to a code of practice whereby they automatically apply a content restriction filter (CRF), which prevents children from accessing age-restricted websites over mobile internet on pay-as-you-go and contract SIMs. Users can remove the CRF by proving they are an adult. MNO age checks rely on checking whether the CRF on a user’s mobile phone has been removed. If the CRF has been removed, this indicates that the recorded user of the device is over 18. Confirmation of whether or not the recorded user is over 18, based on the status of the CRF, is shared with the relying party.
So certainly potentially limited veracity to the UK if nothing more. I'm still not quite sure I totally like the solution, an adult might well want to prove they are an adult, but might still want the content filter on their phone! Anyhow I thought I'd mention it since I was speculating a bit upthread and I'd forgotten that.