In the README, the following is listed:
App and device verification based on Google Play Integrity API and Apple App Attestation
I would like to strongly urge to abandon this plan. Requiring a dependency on American tech giants for age verification further deepens the EU's dependency on America and the USA's control over the internet. Especially in the current political climate I hope I do not have to explain how undesirable and dangerous that is.
TheLastProject commented on Jul 16, 2025
Furthermore I am surprised this is considered an important next step, given apps like the Dutch identity app Yivi (who has no such dependency) already exist and can be used for age verification by the government just fine (on the few select platforms that work with it). Yivi is even available on Open Source app stores like F-Droid.
I think Yivi's existence should be sufficient proof that Google Play Integrity integration is unnecessary.
Yivi (formerly IRMA) homepage: https://yivi.app/en/
thgoebel commented on Jul 16, 2025
This seems to be a fork of the EUDI wallet, see also:
duncan-bayne commented on Jul 16, 2025
In addition, tying age verification to specific operating systems and their vendors (large American tech companies) violates two of the three principles listed elsewhere in this org:
duncan-bayne commented on Jul 17, 2025
Furthermore, from https://ageverification.dev/Technical%20Specification/architecture-and-technical-specifications/#24-design-principles -
Tying age verification to specific operating systems will directly violate this design principle.
yaysoup commented on Jul 17, 2025
Digital sovereignty is a necessary step to reduce the risks of data processing. There should be no dependencies for external services from third parties at all since each one adds a whole ecosystem of potential security issues.
orazioedoardo commented on Jul 17, 2025
This is insane, what's the threat model? Someone remotely exploiting a device to steal proof of age of majority just to watch p__n (most common use case)? Is it even realistic? Why does this service need an app at all? Just create a modern web app, maybe even leveraging Digital Credentials API. I'm tired of app-for-everything.
BoGnY commented on Jul 17, 2025
This happens because those who draft the technical specifications don't know how the technologies they propose work.
As I've explained elsewhere, this is ridiculous. Here's a brief excerpt from one of my posts elsewhere:
There are dozens of ways to secure these apps' certificates without using proprietary systems.
Not to mention that Play Integrity systems are 100% illegal.
orazioedoardo commented on Jul 18, 2025
Does it need to protect those certificates at all? Maybe I'm too naive, but couldn't this simply be implemented by verifying a random challenge signed by a national identity provider?
Avoids having to protect the signed challenge at all since it's single use, scheme is similar to authenticating with SSH or WebAuthn. I haven't checked the architecture thoroughly, perhaps it does something similar in the end with more bloat in between.
andrew-ld commented on Jul 19, 2025
Please listen to the ongoing issues with the Italian Wallet related to Play Integrity:
mega thread:
pagopa/io-app#6327
Duplicates:
pagopa/io-app#7014
pagopa/io-app#7199
pagopa/io-app#6942
pagopa/io-app#6820
pagopa/io-app#6763
pagopa/io-app#6507
pagopa/io-app#6524
cucumberslumber commented on Jul 27, 2025
Fuck Google
BillCipher-exe commented on Jul 27, 2025
A mandatory Google account is unacceptable in an OSS project
DannyBoeh commented on Jul 27, 2025
Getting access to a website as an EU citizen by accepting the TOS of an EU-penalized American megacorp is peak 1984.
ksthiele commented on Jul 27, 2025
Besides the privacy issues, this feels like South Korea's IE6 problem back in the days, everything was so tied and dependent on it, that they couldn't get rid of it. But I guess we are just humans repeating mistakes, getting influenced by lobbyists, uninformed people, people who can't imagine how things will look like in 10 or more years
petervanstark commented on Jul 27, 2025
This would be a massive hindrance to all South EU states, where adoption of non-Google phones is large.
This would also be a massive dependency on Google.
Furthermore, why on earth are you building digital ids but then not doing IDPs, then forcing users to use some extra app for agecheck... they and their OS maintains...
It is bad UX, it causes issues, not sure if it adds any security.
TheJackiMonster commented on Jul 29, 2025
Exactly. Where even is the desktop client? (#29) Why do EU citizens need a mobile device for digital identification in the first place? Please don't tell me they expect anyone to open a mobile app every time they want to sign an email to send out...
mpeter50 commented on Jul 29, 2025
It tells a lot that you not just deleted a protest merge request without a trace (#13, archive here), but also got its author's account nuked from github!
That's how you deal with opposition to your oppressive ideals? Instead of discussion, you ignore one part of them, and silence and disappear the others, like they never existed? You, the project maintainers should be deeply ashamed!
arscynic commented on Jul 29, 2025
Hey while you're at it, perhaps also implement $TRUMP coin and an NFT store because what good is a digital identity app without some good ol' fashion gambling and energy waste. Oh and ads, lots of ads. 'Murica.
lpcvoid commented on Jul 29, 2025
I don't get the general negativity here. While I agree that Google integration for remote device attestation is wrong, the general idea behind this project is good. Keeping out bots and Russian trolls from online discussions is in all Europeans' interest I would think, and this organization's plan for a digital identity is nice. I don't like age controls online, they are pointless footholds for authoritarian fantasies, but I do think that this project tries its best to solve this issue in a technically elegant way which conserves privacy as best as possible.
But yes, please remove the Google attestation. Maybe first focus on an EU custom firmware for phones, much like GrapheneOS does it - they even do their own attestation ;)
ell1e commented on Jul 29, 2025
Not if it's achieved via central mass registration of all citizens that will eventually remove all anonymity from the internet. This is a dangerous road to go down.
kasamba02 commented on Jul 29, 2025
Non-European here but this is just scary
orazioedoardo commented on Jul 29, 2025
Yes, UX isn't great but it's simple and works on any device.
It's not MiTM if I willingly and freely share credentials with others. It's no different than one of the flows where you scan a QR code with the phone, I can share the code with an adult to do the verification: https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui?tab=readme-ov-file#presentation-flow.
Also I could just create an account on the p__n site, do the verification and then share credentials with you. Binding age verification to accounts is even one of the suggested user journeys (8b): https://ageverification.dev/av-doc-technical-specification/docs/media/Figure_1_user_journey.png which I'm definitely going to do because I don't want to do this crap every time I close and reopen my incognito window.
jakibaki commented on Jul 29, 2025
Relying on a company that we constantly have to fine for violating our laws is utterly ridiculous even beyond the obvious privacy implications here.
US sanction policy on any smartphone maker they don't deem trustworthy would result in them being locked out of our age verification system and essentially could not operate anymore here.
This is not even theoretical. Huawei smartphones are widely available in Europe and would become unusable because of US policy. While there's good points to be made for the US having said sanctions on Huawei it most certainly should be our decision if we want to impose those too and not just unilaterally decidable by the US.
thpar commented on Jul 29, 2025
Just weighing in here.
Apart from the question about how useful or desirable it is to have age verification on the internet, it is completely unacceptable that a European age verification service would rely on Google to implement this, thus forcing all Europeans to only use an American approved operating system. It simply does not make any sense.
Kuret commented on Jul 29, 2025
Since this repository is literally promoting illegal practices (Data Sovereignty, DSA, DMA, interoperability requirements of the specification) I have reported this repo to GitHub, I'd suggest every(EU resident)one do the same, in addition to writing to your local representative.
arikb commented on Jul 29, 2025
I don't see age verification as evil, as long as it's done in a privacy preserving way.
If we assume that each country already has its own digital login, the system could leverage that to issue a signed token that attests only to the 18+ property and nothing else.
An app holding such a signed token need not have any sort of attestation, because the token itself is digitally signed off-device. No dependence on Google is necessary. No smartphone necessary, you can carry the attestation as a QR code on a piece of paper.
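Added example, not part of the thread or of the project's code: a sketch of the scheme proposed in the comments by orazioedoardo (a single-use challenge signed by an identity provider) and arikb (a token that attests only to the 18+ property), where the website checks the issuer's signature instead of attesting the device. The function names, the JSON layout and the in-process Ed25519 key pair standing in for a national identity provider are all assumptions.

```javascript
// Added example: names and message layout are assumptions, not the project's protocol.
const crypto = require('node:crypto');

// Constructed issuer key pair, standing in for a national identity provider.
const issuer = crypto.generateKeyPairSync('ed25519');

// Relying party (website): hands out single-use challenges and remembers them.
const outstanding = new Set();
function newChallenge() {
  const nonce = crypto.randomBytes(16).toString('hex');
  outstanding.add(nonce);
  return nonce;
}

// Issuer: after authenticating the user itself, signs only the 18+ claim,
// the relying party's nonce and a short expiry. No name, no birth date.
function issueToken(nonce, privateKey = issuer.privateKey, ttlSeconds = 60) {
  const payload = JSON.stringify({
    over18: true,
    nonce,
    exp: Math.floor(Date.now() / 1000) + ttlSeconds,
  });
  const sig = crypto.sign(null, Buffer.from(payload), privateKey);
  return { payload, sig: sig.toString('base64') };
}

// Relying party: trusts the issuer's public key, not the device or the app.
function verifyToken(token, publicKey = issuer.publicKey, now = Date.now()) {
  const sig = Buffer.from(token.sig, 'base64');
  if (!crypto.verify(null, Buffer.from(token.payload), publicKey, sig)) {
    return 'bad-signature';
  }
  const claim = JSON.parse(token.payload);
  if (claim.over18 !== true) return 'not-over-18';
  if (claim.exp * 1000 < now) return 'expired';
  // delete() returns false for an unknown or already used nonce.
  if (!outstanding.delete(claim.nonce)) return 'replayed-or-unknown-challenge';
  return 'ok';
}
```

Dropping the nonce gives the printable, offline token from arikb's comment, at the cost that anyone holding a copy can replay it until it expires.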
o5k commented on Jul 29, 2025
lol this is the eu
this is the same country (well, union that keeps trying to remove its memberstates' sovereignty) that wants to create their own certificate authority and make it illegal to do cert transparency on it (that is, they want to be able to MITM anyone)
this is the same country that wants to ban encrypted messaging outright
stop saying "well it's OK if -", you're just giving them ways to creep back in.
even if they remove the "share all your personal data with US companies too please" requirement (which is likely just a misguided mistake by the company they're commissioning to make this app), it's still the same awful behaviour that will at best fragment the internet massively
complaining here will do nothing. likely, complaining at all won't do anything because this is all lobbied in by megacorps, but if anything, you should support organizations that protect the internet and its global cultural heritage (and get ready to need a vpn in the very near future, then fight against attempts to ban VPNs too just like the UK is already moving onto)
ell1e commented on Jul 29, 2025
The problem is that in a lot of countries, you can get by without this digital login. If you now age-gate a ton of the internet, and this would likely eventually include 18+ videos like some harsher movies and not just porn, this is no longer the case. Everybody will need to jump on or they'll be cut off from art and media. Once everybody has one, the incentive increases to also force them to use it for other, less private tasks.
ngajhede commented on Jul 29, 2025
uuh, what the hell. this is not okay
nukeop commented on Jul 29, 2025
EU is a country now?