Federated identity architecture: Users can verify once with a trusted provider (e.g. government eID, AV provider), then use that verified age to access multiple regulated services without repeating the process.
Double-anonymity protocols: The system allows websites to confirm that an age check has occurred without learning the user’s identity or verification method.
Cross-border operability: Built to comply with the eIDAS framework and GDPR, supporting recognition of credentials across EU Member States.
Summary of Results
This model highlights the opportunity for interoperable credentials to minimise friction and enhance privacy, but also underscores the need for consistent standards, trust frameworks and aligned governance.
In addition to the structured Practice Statements, the Trial also reviewed publicly available Privacy Policies for all participating providers. This formed a key part of the Trial’s ethical due diligence and helped assess how well declared practices aligned with actual documentation and observed system behaviour.
Practice Statements are formal documents submitted by participating providers, outlining how their systems function and how they claim to meet specific expectations under international and domestic standards. They offer providers an opportunity to articulate their system’s design in their own words — similar to a ‘statement of practice’ or ‘system disclosure’ used in certification and compliance contexts.
As part of the Trial’s commitment to transparency and accuracy, the team prepared a written summary of each vendor interview, capturing key points regarding system design, functionality and implementation claims. These summaries were shared with participants for review, allowing them to check, verify and suggest corrections where necessary.
Individual Vendor Test Reports were developed for each participating provider. These reports formally document the results of the functional, usability and security evaluations carried out during the Trial and are intended to support public understanding, regulatory scrutiny and future conformity assessment or certification processes.
