Users claim Discord's age verification can be tricked with video game characters

Original Article ↗ Hacker News Discussion ↗

Technical weaknesses of biometric/AI age checks

  • Commenters note that if Discord’s system can be fooled by a game character, it can likely be fooled by actors or AI‑generated faces, especially since models are trained on celebrities and fictional characters.
  • Age estimation is seen as intrinsically unreliable: humans routinely misjudge people in their 20s by a decade, and neural nets will share the same limitations.
  • The “open your mouth” selfie requirement is mocked as near-future CAPTCHA: computers will quickly generate convincing 3D mouths.
  • Discord’s vendor claims selfies stay on-device and only an age outcome is sent, but the system has already been bypassed; on‑device models are described as good for privacy but fundamentally weak for security.

Government mandates, missing infrastructure, and ID schemes

  • Many argue the UK mandated age checks without providing a robust, privacy‑preserving digital ID, forcing platforms into insecure or leaky workarounds.
  • Comparisons are drawn to Norway, Belgium, Denmark, and EU schemes (BankID, eIDAS, national login portals, EU ageverification.dev) where banks or governments provide APIs that return only minimal answers (e.g., “over 18, yes/no”).
  • The UK’s paper‑based, fragmented identity system is heavily criticized; voter ID and non‑unique National Insurance numbers are cited as symptoms.
  • In the US, the lack of a true national ID makes consistent age verification difficult; Real ID and mDL are seen as moving toward an effective national ID.

Privacy, surveillance, and civil liberties concerns

  • Strong anxiety about massive leaks of porn/age‑verification databases; some believe embarrassment and fear of exposure are features, not bugs.
  • There’s concern that age checks normalize infrastructure that could later be used to tie all online activity to real identities, chilling dissent.
  • National IDs are seen as particularly risky for marginalized groups (e.g., trans people) who already face harassment when forced to show ID.
  • Others counter that some form of robust, privacy‑respecting digital ID could, in principle, be better than today’s ad‑hoc mess.

Alternative designs and disputes about feasibility

  • Proposals include: government‑issued age tokens, hardware‑bound digital IDs with zero‑knowledge proofs, browser or OS‑level age headers, or bank‑based APIs.
  • Some argue such systems could be built cheaply by small, competent teams; others insist regulatory, auditing, and privacy requirements push costs into the hundreds of millions.
  • There’s debate over how to prevent token resale and multi‑use without turning systems into de‑facto global identity trackers.
  • Several commenters insist that if governments require ID checks, they must guarantee free, accessible IDs for everyone; otherwise this becomes de facto exclusion.

Discord, platforms, and cultural reactions

  • Some think Discord’s on‑device approach is relatively respectful of privacy and preferable to document uploads; others see any biometric verification as unacceptable.
  • Discord itself is criticized as an immature, ephemeral replacement for public, searchable forums, especially when open‑source projects use it as their only channel.
  • The UK’s stance against VPNs for bypassing age checks is ridiculed as unenforceable and conflating “avoiding bad laws” with wrongdoing.
  • A minority argue that imperfect, easily bypassed systems are “good enough” to reduce casual exposure of children to adult content; others fear they mainly erode anonymity while kids share the first working bypass.