Access Age Restricted Content Use Case
Use Case Metadata
Title
Access Age Restricted Content Use Case
Status
Use Case Lifecycle Status
Contributed | Working Draft | Committee Review | Compilation | Approval | Publication |
This use case has been approved in version 1.2. This page may have been updated since the 1.2 document was approved. |
Contributor
Nym Issues Group and Use Case AHG
Use Case Content
Use Case Description
Enable individuals to prove that the are within a certain age range without disclosing their identity. This could be to support COPPA safe harbor provisions by verifying minority status without identification, or to enable adults to access mature content with privacy.
Actors
- Subscriber is a human wishing to access a service with age restrictions without revealing their identity.
- Relying Party needs to provide access only to individuals within a specified age range.
- Attribute Provider provides an age verification service.
Goals / User Stories
- Enable individuals to prove that the are within a certain age range without disclosing their identity.
- No identity information about adult must be verifiable but age.
Assumptions
- Individuals/subscriber do not have a credential.
- Attribute Provider may be a credential issuer.
- Individuals are willing to share identity information with Attribute Provider in order to obtain anonymous age verified access to Relying party.
- During enrollment, Subscriber undergoes Identity Proofing that includes verification of their Date of Birth.
Process Flow
Proof of Age Process Flow
- Subscriber registers with Attribute Provider
- Attribute Provider creates a claim that satisfies the relying party but does not include the birth date.
Verification of Age Process Flow
- Subscriber attempts to access age-restricted content on the Relying Party.
- Service provider discovers the attribute provider by either:
a. Subscriber informs Service Accept. 2. Service provider discovers the attribute provider by either:
a.Subscriber informs Service Provider of Attribute Provider, or b.Service Provider queries for Attribute Provider that can verify Subsrciber.
- Relying Party requests a claim from the Attribute Provider of the required age range.
- Subscriber proves to attribute provider that it owns the birth date information in the AP.
- Attribute Provider locates Subscriber’s Date of Birth and calculates whether Subscriber is in the required age range.
- Attribute Provider provides a claim to Relying Party with confirmation or denial that the Subscriber falls in the required age range.
Success Scenario
The use case is successful when the Relying Party can verify whether Subscribers are in the specified age range.
Failure Scenario
- Relying Party is unable to find an Attribute Provider to vouch for the Subscriber’s age.
Error Conditions
- Wrong requirement is sent or the wrong attribute is sent.
Relationships
Related to Identity Proofing Use Case, Verify Identity Claim Use Case
References and Citations
NSTIC Strategy (p. 2, p. 11, p. 23, p. 38) Children’s Online Privacy Protection Act (COPPA)