Some of the age verification systems that use digital ids (mDLs) do the same thing but people freak out about how they work because I think they misunderstand the tech.
They system basically asks the mDL via an api call "is this user above the age of 18/21" and the app only responds with a yes or no. It doesn't pass the users fulls details over or anything like that.
My non-expert understanding is that in the short term mDL is linkable to a cert serial, but those are supposed to be regularly rotated. So you might have 2) for a day or whatever the rotation period is. I think I've seen it asserted that it is possible to have a ZKP framework that doesn't require this, but I don't know how that might work.
The age verification bills in the US at least also make it illegal to record that information, sometimes with high penalties (e.g. my reading of Texas's is that it is up to $10k per retained record).
Thanks. Didn't know it was illegal to record it in the US - or does that vary by State?
There's a bunch of ways to achieve this privately. The work of Jan Camenisch on Anonymous Credentials and other things was done quite a long time ago now. It's a well studied field.
Some of the age verification systems that use digital ids (mDLs) do the same thing but people freak out about how they work because I think they misunderstand the tech.
They system basically asks the mDL via an api call "is this user above the age of 18/21" and the app only responds with a yes or no. It doesn't pass the users fulls details over or anything like that.