this post was submitted on 22 Feb 2026
7 points (73.3% liked)
Pulse of Truth
2321 readers
67 users here now
Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).
This community is automagically fed by an instance of Dittybopper.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Are you referring to a verification service running on the user's device, or on a third party providers' server?
Running a verification service on the user's device can't work, regarless of the approach. The software on the user's device can be altered to give fake results, so verification should be done remotely.
Relying on a third party service to do remote verification imply trusting that third party isn't giving fake results, regarless of the approach.
The company/org that needs to verify age should run the actual age verfication, ideally using a privacy-friendly method and a free reference implementation that got scrutiny from the public. It requires only trusting the gov issues acvurate ids, and trusing the math.