Age verification without uploading an ID

Age verification became a regulated problem in most of Europe, the UK, and a growing list of other jurisdictions over the past three years. The compliance question is straightforward: prove the user is above the threshold the regulator cares about — sometimes 13 for data protection, sometimes 18 for adult content and alcohol, sometimes 16 for specific social features — before granting access. The design question is harder. Every implementation trades privacy against assurance, friction against coverage, document upload against biometric estimation, and each tradeoff has a cost the product team has to absorb.

Network-derived age signals are one of the less explored options in this space. They are not a universal answer. In the cases where they do apply, they sidestep the privacy and friction costs of document upload without falling into the accuracy problems of face-based age estimation. This post describes what the network can and cannot verify, how it composes with other age-assurance methods, and where the regulatory frameworks are moving.

The current landscape, briefly

Age verification regulations cluster around three frameworks. GDPR Article 8 sets the age below which data processing requires parental consent at 16, reducible by Member State to 13. The UK Online Safety Act requires "highly effective" age assurance for platforms serving age-restricted content. US state laws — Texas HB 1181, Louisiana Act 440, and a growing list of others — require age verification for adult content, with varying enforcement regimes. The European Digital Identity Wallet under eIDAS 2.0 will eventually carry selective-disclosure age attributes, though rollout is uneven.

The options a product team has in 2026 to meet these obligations:

Document upload and verification: The user photographs their national ID, passport, or driver's licence; a verification vendor matches the document to a selfie and extracts the birth date. This is high-assurance and high-friction, with a meaningful drop-off rate at the upload step.

Credit-card check: A small authorisation against a card whose issuer's KYC confirms the cardholder is over 18. This is low-friction and low-coverage — it works only for cardholders.

Face-based age estimation: A vendor estimates age from a selfie. Accuracy varies by demographic group; the false-acceptance rate for users near the threshold is material.

Digital-identity-wallet attribute: The user presents a verifiable credential with a selective-disclosure age assertion. High-assurance where supported; rollout is limited.

Network-derived signals: The mobile operator attests to attributes derived from the subscriber record — age at issuance, IMSI age, carrier-of-record tenure — enough to meet some assurance thresholds without document upload.

Each approach has a legitimate deployment. Network-derived signals fit best where the user base is already verified at SIM issuance and the assurance threshold is meetable by telecom attestation.

What the network can attest to

A mobile operator holds, for each subscriber, the record created at SIM issuance. Depending on the jurisdiction, that record includes the subscriber's date of birth as documented at issuance, the date the SIM was issued, the IMSI's issuance date, and the carrier-of-record tenure. These are attributes the operator can attest to via an age-assurance API without disclosing the underlying record.

The most useful of these is birth date at issuance where the operator collected it. In the EU and GCC, operators are typically required to verify a national ID at SIM issuance, which means the subscriber's birth date is held with the same assurance as the ID the regulator accepted. In such jurisdictions, the operator can respond to an age-assurance query with a selective-disclosure assertion — "the subscriber is at least 18" or "the subscriber's age is in the range 18 to 25" — without exposing the exact birth date.

The European regulatory context supports this directly. The eIDAS 2.0 framework anticipates selective-disclosure credentials issued by entities trusted under national regulation. A licensed telecom operator attesting to a subscriber's age-at-issuance fits the qualified-attribute model, subject to implementation conforming to the relevant assurance level. The current-state analysis of eIDAS implementation gaps notes that Member States have moved at different speeds on the supporting infrastructure, which means the practical question for a 2026 deployment is not whether the framework supports the approach but whether the specific operator has published a conformant implementation.

The other network-derived signal is IMSI age — the time elapsed since the IMSI was issued. This is a weak-but-useful signal in specific contexts. An IMSI issued ten years ago to a subscriber whose record shows a documented birth date, with continuous carrier-of-record tenure across those years, is a different signal from an IMSI issued last week. IMSI age does not directly establish the subscriber's age; it establishes the tenure of the SIM identity, which is one input to composite age-assurance models.

What the network cannot attest to

The network does not know the user is the subscriber. The person holding the phone is not necessarily the person whose name the SIM was registered under. A family SIM shared between a parent and a child, a corporate SIM reassigned to a new employee, a secondhand SIM acquired through informal channels — all of these produce a subscriber record that does not match the current holder.

This is the structural limit of network-based age assurance. It attests to the subscriber at record, not the person at the handset. A rigorous age-assurance flow that depends on the match between the two needs at least one additional signal: silent auth to confirm the device is the enrolled device, a biometric step to confirm the person, or a policy choice that accepts the network attestation as sufficient for the jurisdiction's assurance level.

In markets with weaker SIM-issuance KYC, the network attestation is correspondingly weaker. A subscriber record populated via a quick retail KYC with a utility bill, in a jurisdiction without a robust national ID scheme, does not carry the same weight as a record populated under EU-level document verification. The Arner and colleagues analysis of identity infrastructure globally documents exactly this variance [2]: identity infrastructure is uneven, and the attestation quality tracks the infrastructure quality.

Composing with face estimation and document upload

The realistic implementation for a product team facing age-assurance regulation is composition, not substitution.

A first-pass flow can use the network attestation as the primary signal. The relying party submits an age-assurance query to the operator API; for subscribers on supporting operators, in jurisdictions that accept telecom attestation, the query returns a selective-disclosure response. Users in this bucket pass through without document upload. The coverage in 2026 is partial — not every operator participates, not every jurisdiction accepts telecom attestation, not every subscriber is in a jurisdiction with strong issuance KYC.

For users in the uncovered bucket, the relying party falls through to face-based estimation, document upload, or credit-card check, ordered by the assurance level the jurisdiction requires. The composition reduces the share of users who hit the highest-friction step, which is document upload, without compromising the overall assurance level.

The operative metric is fall-through rate. A network-attestation-first flow that covers 60 percent of the user base drops the document-upload rate by 60 percent, which on an abandonment curve typically translates into meaningful retention gain. An honest product page reports the fall-through rate by region and operator, rather than the headline coverage figure, which is misleading in regions where the coverage is low.
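The network-first routing and the per-region fall-through report described above, as an added example that is not code from this post or from any vendor. The 1..3 assurance scale, the method ranking, the session fields and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed assurance ranking of the fallback methods (illustrative 1..3 scale).
# In this ranking, lower assurance also means lower friction.
FALLBACK_ASSURANCE = {"credit_card": 1, "face_estimation": 2, "document_upload": 3}

def route(network_ok, required_level):
    """Pick the age-assurance method for one session.

    network_ok: the operator returned a usable selective-disclosure response.
    required_level: minimum assurance the jurisdiction demands (assumed scale).
    """
    if network_ok:
        return "network_attestation"
    eligible = [m for m, lvl in FALLBACK_ASSURANCE.items() if lvl >= required_level]
    if not eligible:
        raise ValueError(f"no fallback method meets level {required_level}")
    # Weakest (lowest-friction) method that still meets the requirement.
    return min(eligible, key=FALLBACK_ASSURANCE.get)

def fall_through_report(sessions):
    """Share of sessions per (region, operator) that missed the network path."""
    totals, missed = defaultdict(int), defaultdict(int)
    for s in sessions:
        key = (s["region"], s["operator"])
        totals[key] += 1
        if route(s["network_ok"], s["required_level"]) != "network_attestation":
            missed[key] += 1
    return {key: missed[key] / totals[key] for key in totals}

def headline_coverage(sessions):
    """Single global figure: share of all sessions covered by the network."""
    return sum(s["network_ok"] for s in sessions) / len(sessions)

def _session(region, operator, network_ok, required_level):
    return {"region": region, "operator": operator,
            "network_ok": network_ok, "required_level": required_level}

# Constructed sample: one well-covered operator, one with no coverage at all.
SAMPLE = ([_session("EU", "op-a", True, 3)] * 7
          + [_session("EU", "op-a", False, 3)]
          + [_session("US", "op-b", False, 2)] * 2)

if __name__ == "__main__":
    print("headline coverage:", headline_coverage(SAMPLE))
    for key, rate in fall_through_report(SAMPLE).items():
        print(key, "fall-through:", rate)
```

On the sample, the headline figure is 70 percent coverage while every session on the second operator falls through, which is the gap the per-region report exists to expose.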

The privacy argument

Age assurance by network attestation is privacy-preserving relative to document upload in two important ways.

First, the operator's subscriber record already exists under regulatory supervision. The assurance query does not create a new data-processing relationship; it queries an existing one. A selective-disclosure response — "at least 18" rather than the birth date — discloses the minimum necessary to satisfy the assurance requirement. Under GDPR's data-minimisation principle, this is a cleaner design than uploading a full document to a third-party verification vendor.

Second, the relying party does not retain identity documents. Document verification vendors typically process the document, extract the birth date, and return the result; the document image lives in the vendor's infrastructure for some retention period. Network attestation does not produce an image to retain, which shrinks the data-protection surface for the relying party.

The argument has limits. A network attestation creates a logged query from the relying party to the operator, which is itself a data-processing event subject to purpose limitation and consent. The consent mechanism should be CIBA or equivalent — an explicit subscriber approval for the specific query, not a blanket authorisation. Implementations that skip the consent step are not privacy-preserving; they have only made the data flow less visible to the subscriber.

What the regulators are moving toward

The regulatory direction in Europe is toward certified assurance providers issuing selective-disclosure credentials, with the eIDAS 2.0 Digital Identity Wallet as the longer-term substrate. Network operators are plausible qualified-attribute providers under this framework, and the subscriber-record attestation is well-suited to the selective-disclosure model.

In the UK, the Online Safety Act's "highly effective" standard is implementation-agnostic — it does not mandate a specific method but sets an outcome. Network attestation can satisfy it in specific cases, especially for jurisdictions where SIM issuance is rigorously KYCed.

In the US, the state-by-state picture is messier. Some state laws are prescriptive about acceptable methods; others leave method selection to the platform. Network attestation is a plausible component of a composite flow in most jurisdictions, though the legal analysis is state-specific.

For markets in Africa and the GCC, the regulatory landscape is less mature, but the mobile-money infrastructure has produced operator-verified subscriber records at scale. The age-assurance use case is a natural extension of the identity primitives those operators already expose — the technical pattern is the same as silent auth, and the legal basis draws on the same issuance-KYC events.

What Tensormobile exposes

TensorAuth's age-assurance API returns selective-disclosure responses: a boolean for a specified threshold ("at least 18," "at least 21"), or a range bucket where the integrator requests one. The response carries a provenance field naming the operator that issued the subscriber record and the issuance-KYC regime that populated it, so the relying party can apply jurisdiction-appropriate weighting.

We do not return the subscriber's birth date. The selective-disclosure model is the design, not a toggle, and integrators requesting the underlying attribute are routed to KYC Match or to an explicit identity-verification flow that requires subscriber consent.

We publish coverage by operator and by jurisdiction. For jurisdictions where our home-operator status gives us direct access to the record, the assurance level is explicit. For federating operators, the assurance level is a function of their own issuance KYC, and we pass through the federating operator's provenance field untouched.
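How a relying party might act on a response of this shape, as an added example that is not TensorAuth's code or schema. The field names (`threshold`, `at_least`, `consent_id`, `provenance.kyc_regime`), the regime labels and the per-jurisdiction policy are hypothetical; the checks apply the consent and subscriber-versus-holder caveats from earlier in the post.

```python
# Hypothetical relying-party policy: issuance-KYC regimes accepted per jurisdiction.
ACCEPTED_REGIMES = {
    "DE": {"national_id_verified"},
    "GB": {"national_id_verified", "passport_verified"},
}

def evaluate(resp, jurisdiction, required_age, device_bound):
    """Return 'allow', 'deny' or 'step_up' for one attestation response.

    device_bound: a separate signal (for example silent auth) confirmed that the
    handset is the enrolled device, since the operator attests to the subscriber
    at record and not to the person holding the phone.
    """
    # No per-query subscriber consent on record: do not rely on the response.
    if not resp.get("consent_id"):
        return "step_up"
    # Weight by provenance: unknown or weak issuance KYC falls through.
    regime = resp.get("provenance", {}).get("kyc_regime")
    if regime not in ACCEPTED_REGIMES.get(jurisdiction, set()):
        return "step_up"
    attested, result = resp.get("threshold"), resp.get("at_least")
    if type(attested) is not int or type(result) is not bool:
        return "step_up"  # malformed response
    if result:
        # "At least 18" says nothing about a requirement of 21.
        if attested < required_age:
            return "step_up"
        return "allow" if device_bound else "step_up"
    # "Not at least 18" implies "not at least 21"; the reverse is inconclusive.
    return "deny" if attested <= required_age else "step_up"

# Constructed sample response (hypothetical schema).
SAMPLE_RESPONSE = {
    "threshold": 18,
    "at_least": True,
    "consent_id": "consent-0001",
    "provenance": {"operator": "op-a", "kyc_regime": "national_id_verified"},
}

if __name__ == "__main__":
    print(evaluate(SAMPLE_RESPONSE, "DE", 18, device_bound=True))
```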

Skip the aggregator. Talk to the network.
