An EU-backed study has shown how easy it is for children to bypass the mechanisms that the most popular apps use to verify their age: all they have to do is lie.
The measures that popular social media apps use to verify age during the sign-up process are basically ineffective. According to research supported by the EU-funded projects CyberSec4Europe and ASAP, children of all ages can completely bypass these mechanisms by simply lying about their age.
The study in question was conducted at Lero, the Science Foundation Ireland Research Centre for Software. The researchers sought to determine how the top 10 social and communication apps used by children apply age limits. By analysing the age verification procedures of Discord, Facebook, Houseparty, Instagram, Messenger, Skype, Snapchat, TikTok, Viber and WhatsApp, they found that all the apps allowed users to create accounts by initially stating they are 16 years old.
Ineffective age verification and its implications
The project team assessed how robust the apps’ age verification measures were. “Our study found that … some apps disabled registration if users input ages below 13, but if the age 16 is provided as input initially then none of the apps require a proof of age,” stated lead author Dr Liliana Pasquale of University College Dublin in a news item posted on the ‘EurekAlert!’ website.
However, using an app for which they are underage can have serious consequences for children. “This results in children being exposed to privacy and safety threats such as cyberbullying, online grooming, or exposure to content that may be inappropriate for their age,” observed Dr Pasquale.
The possible solutions to the problem the project team examined were found to have limitations. For example, age verification through speech recognition could easily be bypassed with voice recordings. Additionally, current data protection regulations were also found to be ineffective, Dr Pasquale reportedly remarked in the news item. “In reality, the application of substantial financial penalties was the main trigger for app providers to implement more effective age verification mechanisms,” she went on to say.
Based on the results of their study and their investigation of biometrics-based age recognition techniques, Dr Pasquale and her team recommended the following measures to app providers and developers. First, apps should provide a clear and age-appropriate summary of the relevant parts of the app’s terms of use for under-18 users who are signing up. Secondly, the most restrictive privacy settings should be applied by default for users who declare they’re under 18. Third, users should be given incentives not to lie about their age. As stated in the news item, “providing mechanisms that deter a user from installing an app on a device on which they have previously declared themselves to be underage is currently the most sensible solution and the hardest to circumvent.” Last but not least, minimum-age requirements should be backed up by robust verification mechanisms.
More information
European Commission: CORDIS – Full Article
Publicaciones relacionadas:
A trusted and secure Digital Identity for all Europeans
Seaweed and solar energy join hands at sea
Commission mobilises €123 million for research and innovation to combat the threat of variants
Can life from Earth survive on a planet like Mars?
International prize in teaching innovation for the Group ‘Automatics, Robotics and Mechatronics’ of the University of Almeria
Leave a Reply