The Australian government has published the final report from the Age Assurance Technology Trial, and it is unequivocal in its finding that age assurance can be done in Australia privately, efficiently and effectively.
Publication of the report is a win for the age assurance sector overall, but a few firms get consistent mention as leaders in the field. The report – published in full online and also available as a set of ten bound volumes – covers “technologies from 48 Age Assurance providers, offering age verification, age estimation, age inference, successive validation, parental control and parental consent solutions.”
While industry voices have welcomed the report and its results, there has been pushback from academics and privacy watchdogs, who continue to express concerns about privacy, data retention and other issues.
From the outset, the trial has been careful to state what it is not – in particular, to note that it is not policy. The final report includes the proviso that “the report is not a set of policy recommendations or endorsements for certain types of age assurance technology. That is not within scope of the Trial and not what the Trial set out to achieve.”
Moreover, it does not “determine whether age assurance technology should be implemented or mandated in specific contexts.” The report is not prescriptive; policy, it says, is for elected officials.
The point is to look at what’s possible, through “factual and validated observations about the practical capabilities, limitations and potential of age assurance technologies based on structured evaluation processes.” It aims to inform stakeholders about “the current state of age assurance technologies, supporting evidence-based discussions and decision-making in this rapidly evolving field.”
And it notes that what applies now may not in the future, as age verification, estimation and inference technologies evolve.
A recurring theme in the report, and in age assurance debate in general, is that there is no “one-size-fits-all” solution. “We did not find a single ubiquitous solution that would suit all use cases, nor did we find solutions that were guaranteed to be effective in all deployments,” the report says. “The range of possibilities across the Trial participants demonstrate a rich and rapidly evolving range of services which can be tailored and effective depending on each specified context of use.”
The report says most firms are “generally secure” and understand responsible data handling practices. Standards are good yardsticks. However, the rapid pace of change means that no platform is infallible. In terms of user experience, there is room for improvement.
Overall, the report confirms what its preliminary findings suggested: age assurance is possible, but not perfect. In a press release, the Age Verification Providers Association (AVPA) says “the report records areas to improve which we will be discussing with our members.” To that end, it recognizes that legislation, certification, and technological development and deployment are in constant dialogue. Modifications to the tech can address privacy issues, while accreditation and certification schemes can help solidify the foundation of trust.
The report analyzes five categories of age assurance, each of which gets its own volume. Age verification and age estimation are included, alongside age inference technologies, which “determine an individual’s likely age or age range based on verifiable contextual, behavioural, transactional or environmental signals, rather than biometric data or identity documents.”
The report also evaluates “successive validation,” or systems that combine methods, and parental control and consent models.
In terms of maturity, age verification methods have an edge on age estimation, which is still evolving. “Providers’ claims about age verification capabilities were independently assessed and found to be accurate and reflective of real-world system performance, including in lab and field testing,” the report says. For age estimation, however, “provider claims regarding performance were generally substantiated through independent evaluation,” but “some early-stage systems lacked complete transparency.”
Age verification, in other words, is ready to roll; whereas with age estimation, “most systems are technically deployable across standard devices and environments, though edge-case limitations remain.”
“In summary,” the report says, “age verification is a technically mature, privacy conscious and inclusive method of age assurance. When implemented with strong safeguards, ethical oversight and adherence to international standards, it offers a viable and trustworthy solution for protecting children and enforcing age-based access controls in Australia’s digital environment. Continued investment in inclusion, standardisation and user-centric innovation will help ensure that age verification systems remain fair, effective and widely accepted.”
It makes sense that age verification, as the most established method, yields the best trial results. But newer technologies are not far behind. In the AATT’s rankings, across both age verification and age estimation evaluations, the majority of firms were judged above Technology Readiness Level 7. Several appear at the TRL 9 level for both technologies: Yoti, VerifyMy and PrivateID all occupy the top tier in both reports.
The report also paints a picture of a sector that is generally operating in good faith, respecting data minimization, trying to comply with applicable standards and laws, and not looking to gobble personal data for ill use. That said, one notable pain point remains: the tendency among a few participants to be too eager to anticipate what kinds of data police might come looking for.
“While most providers followed clear data minimisation practices, the Trial identified a concerning trend among a minority of providers toward over-preparing for investigatory or forensic requests. This included the retention of full biometric or document data for all users, even when such retention was not required or requested. While these practices may be motivated by a desire to assist regulators or coroners in rare and serious circumstances, they carry significant privacy risks and require clearer regulatory guidance to ensure proportionality.”
The statement is a good reminder that the Trial is not claiming it has all the answers, and that the report is not advocating for any particular policy with regard to age assurance.
Nonetheless, pushback has already begun, as digital rights groups and researchers put forth nagging concerns about privacy and security. Some are taking it as a cue to call on the government to rethink its social media policy, which restricts account creation to users 16 and up.
According to InnovationAus, Greens senator David Shoebridge has secured a Senate inquiry into the ban, and claims the AATT’s findings “accidentally prove the social media age ban is unworkable.” And John Pane, the chair of the Electronic Frontiers Foundation who excused himself from the advisory board of the AATT in August, has refreshed his criticisms of its methodology, accusing the government of chasing sound bites.
Yet the report undoubtedly offers critics a chance to take a look at the data. It underscores that the trial was “conducted independently of DITRDCSA (Department of Infrastructure, Transport, Regional Development, Communications, Sport and the Arts) and regulators.” Its detractors are now free to sit down with the documentation and respond. But the key finding – that age assurance can be done in Australia privately, efficiently and effectively – is unlikely to change.
Age Assurance Technology Trial | age verification | Australia | Australia age verification | biometric age estimation | biometrics | data privacy
A pair of EU co-funded Large Scale Pilots have started development on making the European Digital Identity (EUDI) Wallet ecosystem…
Passkeys are the popular new thing in user authentication. The heralded replacement for passwords promises greater security and convenience. Companies…
New Zealand has launched a tender for a Trust Framework Register for the Department of Internal Affairs (DIA) to manage…
OCR Studio has applied its computer vision and optical character recognition capabilities to release a license plate and VIN (vehicle…
The National Institute of Standards and Technology (NIST) has finalized a major revision to its Security and Privacy Controls for…
The Council of the Swiss Abroad has passed a resolution in favor of the new Electronic Identity Act, which will…
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Continue Reading
Learn More
Copyright © 2025 Biometrics Research Group, Inc. All Rights Reserved.
Web Design by Studio1337
Takeaways from the final report on Australia’s Age Assurance Technology Trial – Biometric Update
