Yoti November 28, 2025

Thoughts from our CEO

profile picture Yoti 9 min read
An image of Robin with accompanying text that reads "Thoughts from our CEO, Robin Tombs, November 2025".

In this blog series, our CEO Robin Tombs will be sharing his experience, whilst focusing on major themes, news and issues in the world of identity verification and age assurance.

This month, Robin talks about Yoti’s latest MyFace model, buffers in both Germany and Australia and recent government discussions around digital ID.

 

Yoti’s latest MyFace model achieves a perfect score for Level 1 and Level 2 liveness detection

I’m delighted that Yoti’s latest MyFace passive liveness model has been independently tested by iBeta and is compliant with the ISO 30107-3 standard for Presentation Attached Detection (PAD) at both Level 1 and Level 2.

But what’s really exciting is that, for the first time, our MyFace passive liveness correctly detected every Level 1 attack (450 tests) and every Level 2 attack (375 tests) without inconveniencing any genuine users. In other words, none of the Level 1 bona fide attempts (150 tests) or Level 2 bona fide attempts (125 tests) were incorrectly judged as attacks. After all, telling genuine users you don’t think they’re presenting their live face is not exactly trust-inspiring!

Passive liveness requires users just to capture a selfie. In contrast, active liveness requires users to act on one or more random prompts, such as blinking, smiling, looking in a specific direction or moving their face closer to or further from the camera. As a result, passive liveness is easier for users to complete successfully on the first try, but it’s harder for vendors to meet the ISO 30107-3 compliance requirements for each PAD performance level.

The tech jargon is that our Attack Presentation Classification Error Rate (APCER) was 0% at both Level 1 and Level 2. Our Bona Fide Presentation Classification Error Rate (BPCER) was also 0% at both levels.

Our MyFace model was first tested by iBeta for Level 1 compliance in February 2022 and Level 2 compliance in February 2023. We continue to invest to ensure that our services provide the best compliance and fraud protection for businesses, and the best user experience for genuine users proving liveness when presenting their face to a camera.

Yoti will continue to offer our customers the choice of world-class active liveness and passive liveness solutions to meet their specific needs.

Some in the biometrics and identity verification industry have doubted that highly effective remote liveness could be offered cost-effectively for very high volume use cases, such as for facial age estimation or biometric face authentication. But our team loves solving safety tech challenges which benefit both our business customers and their collective hundreds of millions of end users.

 

Yoti’s facial age estimation accuracy enables Germany to lower age-check buffer

It’s great to see that the German regulator, KJM, has approved lowering the buffer for Yoti facial age estimation from 5 years to 3 years for the strictest 18+ age-restricted content.

Yoti’s False Positive Rate for 13-17 year olds being incorrectly estimated as over 21 is just 0.6%. With this 3 year buffer, this means roughly 6 minors out of every 1,000 could be incorrectly estimated as over 21.

This change enables porn businesses in the German market to allow an even higher percentage of adults the choice to successfully prove they’re over 18 using privacy-preserving Yoti facial age estimation, without needing to provide identity documents.

Adults can perform facial age estimation once in the Yoti Digital ID wallet app and then anonymously share their “over 18” status with multiple businesses. Businesses worldwide using Yoti age checks do not pay for “over [age]” results from Yoti app users.

 

Effective age checks for Australia’s upcoming social media ban

Some things are getting clearer in Australia, but knowledge gaps still remain.

Social media brands like TikTok and Meta have used Yoti age checks for over 3 years. These platforms already have strong evidence that their age inference models accurately estimate age, as the results can be compared where some users have completed a Yoti facial age estimation or verified their date of birth against an identity document.

The Australian regulator requires social media brands to prevent access to users under 16. As a result, the big social media sites are unlikely to need users over 20 to complete a facial age estimation or provide an identity document for verification.

Some fearmongers dishonestly claim that age checks for users over 16 on social media (or over 18 for adult content) would force most Australian adults to share sensitive information from identity documents with social media or adult content platforms.

Age inference models will likely be good at:

  • Spotting users under 13, who will be challenged to prove they’re over 16.
  • Estimating most teenagers as aged between 13 and 19 years, though misclassifications may occur (for example, a 15 year old is incorrectly thought to be 16 years old, or vice versa)

Platforms with weaker inference models may misclassify someone who is 18 or 19 years old as a 15 year old, or vice versa.

Social media brands are likely to request users estimated to be between 13 and 19 years old to complete an age check to prove they’re aged 16 or older.

Yoti has been independently tested by the National Institute of Standards and Technology (NIST) and the Australian Age Assurance Technology Trial (AATT) as the most accurate facial age estimation model for those between 13 and 17 years old. For ages 15, 16 and 17, Yoti facial age estimation has a Mean Absolute Error (MAE) of under 1.0 years.

If a Yoti social media customer in Australia sets the facial age estimation threshold at 17.5 years, then:

  • 60% of 18 year olds and 80% of 19 year olds will pass the over 17.5 year check. This is an inclusive approach which removes the need for age verification using an identity document.
  • 40% of 17 year olds and 20% of 16 year olds will be estimated as over 17.5 years old. So, 60% (162,000 out of 270,000) 17 year olds, and 80% (216,000 out of 270,000) 16 year olds will most likely have to use an identity document to prove they’re over 16.
  • Only 8.5% of 15 year olds and 3.9% of 14 year olds will be incorrectly estimated as over 16. Using a threshold of 18 years reduces these false positives to 3.6% and 1.3%, respectively.

Our next facial age estimation model (November 2025) will improve accuracy further, so the above percentages will all improve.

Social media brands and the Australian regulator will need to strike a sensible balance between:

  1. minimising the number of 14 and 15 year olds who incorrectly pass inference or facial age estimation without being challenged to provide strong evidence using an identity document. 
  2. not challenging too many 16 to 19 year olds to provide strong evidence using an identity document.

When done well, age checks using documents are highly effective at verifying exact ages. Combined with a smart buffer, Yoti facial age estimation provides a lower-friction solution that is also highly effective at age gating access for 16+ or 18+ users.

Some age checks, however, are not effective.

  • Some parents lie about their child’s age online.
  • In the UK, some under 18s boasted that they beat weak age checks by showing an adult’s face to a camera undetected due to no, or poor quality, liveness checks.
  • No sites have been penalised by Ofcom for using document checks that fail to verify authenticity or don’t combine loneliness and face-matching checks to prevent minors from using fake IDs (or their parent’s driving licence!).

The online world is moving toward being age-aware.

 

Momentum builds around choice for digital IDs

There was a big shift in the messaging from the Tony Blair Institute for Global Change (TBI) on a mandatory government digital ID during the most recent Home Affairs Committee discussion on digital ID.

Until now, TBI’s literature and public statements have been heavily focused on the need for a universal, mandatory government digital ID. The Institute has been largely silent on whether UK citizens should have the choice to use a certified private-sector digital ID to prove their identity, age, right to work or other credentials.

Much of the opposition to the Prime Minister’s announcement – that before the end of this Parliament in 2029, anyone applying for a job must have a government digital ID to prove their right to work – has centred on citizens having a choice of using either:

  • a government digital ID
  • a private-sector digital ID holding government-issued credentials
  • a government-issued physical passport or driving licence.

TBI’s Director of Government Innovation, Alexander Iosad, told the Committee:

“It may be that by mandatory we end up meaning: “We need to be verifying someone’s identity and right to work against a Government database, but we can do that in a number of ways, one of which might be a Government app, one of which might be one of the private providers holding a credential, and one of which might be looking at the physical passport and verifying that against the database.””

When discussing consumer choice regarding government digital ID and private-sector IDs, Edgar Whitley, Professor in Practice at The London School of Economics, added, “They are both using exactly the same ID proofing standards”.

Laura Foster, techUK’s Associate Director of Tech and Innovation, effortlessly clarified to the Committee that the UK Government’s Digital Identity and Attributes Framework (DIATF) already allows over 40 certified ID providers to carry out Right to Work checks. She noted that these providers can hold and share government-issued digital credentials with the citizen’s consent, empowering the many British citizens who want to take ownership of their digital identity.

Aside from the Prime Minister and some of the Cabinet, it feels that there’s a growing consensus that citizens should be able to choose to use a digital ID (either from the government or from a government-certified private sector provider) as well as still having the option of using their physical passport.

Whichever method is used, It makes sense that any 3 of these Right to Work evidence routes should be checked to a government database in order to ensure companies perform the checks. This wouldn’t eliminate rogue employers who avoid checks entirely, but it would clearly identify which registered companies comply and which do not, enabling far more targeted enforcement.

Keep reading

Articles October 29, 2025

Thoughts from our CEO

In this blog series, our CEO Robin Tombs will be sharing his experience, whilst focusing on major themes, news and issues in the world of identity verification and age assurance. This month, Robin focuses on digital ID, talking about Yoti’s Digital ID downloads, digital ID for teenagers and the growing momentum for a private-sector digital ID network in the UK.   Yoti reaches 20 million global downloads This month, the 20 millionth individual downloaded the Yoti Digital ID app. In the last six weeks alone, 1 million individuals have downloaded Yoti, of which 800,000 of them are from the

#digital id#yoti
Yoti Yoti
7 min read
An image of Robin with accompanying text that reads "Thoughts from our CEO, Robin Tombs, September 2025".
Articles September 25, 2025

Thoughts from our CEO

In this blog series, our CEO Robin Tombs will be sharing his experience, whilst focusing on major themes, news and issues in the world of identity verification and age assurance. This month, Robin talks about Yoti’s performance in Australia’s Age Assurance Technology Trial, New York’s SAFE for Kids Act and public perceptions of the Online Safety Act.   Yoti’s facial age estimation technology achieves independent validation and success Yoti has waited a long time to see independent, high-profile and well-funded technology trials of our facial age estimation technology. We’re delighted to read the results which have just been published in

#yoti
Yoti Yoti
8 min read
An image of a woman using her mobile phone. Surrounding her are icons such as a padlock, magnifying glass, shield and a checkmark, illustrating the various features of DIATF-certified digital IDs.
Articles September 19, 2025

Digital IDs are already here and working

The conversation around digital IDs in the UK is gaining pace. The government is exploring the introduction of a mandatory national digital ID, with some even pushing for physical national ID cards. The upcoming GOV.UK Wallet app will enable over 40 million drivers and over 50 million passport holders to store government-issued credentials.  Whilst this is generating debate, it’s important to recognise that the UK already has a secure, privacy-focused digital ID system in place. This is with the Digital Identity and Attributes Trust Framework, known also as DIATF.  This framework isn’t a competing model to the government’s digital

#digital id#yoti
Yoti Yoti
6 min read