Creation of a Pull Request for Age Verification API #46
Comments
|
Bellow proposal: Some functional restrictions may exist, for example:
Swagger view: Additional comments:
|
|
Hi @GillesInnov35 , I have just created PR #50 for this, with a kind of dummy yaml file. Hope you can update the yaml file or replace it with your initial proposal Please let me know if you have any problem. Best regards, |
|
Thanks a lot @ToshiWakayama-KDDI. I'll complete PR with a proposal of design specifications. |
|
Hi, in the Netherlands we only accept people of 18+ for a monthly subscription, this has to do with national law. You can make a contract with a minor, but such a contract can easily de cancelled by a parent without any financial consequence. As a results, all telco's don't accept minors as contract holders. For the Netherlands , this means that any customer that can be positively matched (for example, based on first name, middles name and lastname, and phone number), you can already safely assume they are 18+, without asking for someone's date of birth. So for 18+, we don't need to have an extra specification. We do however have some other age categories, like 24+. For these categories, and for cases where the relying party does not want to ask for date of birth (for privacy reasons), it may be good to add an attribute whether te subject is over a certain age. I suggest to make the parameter a bit more descriptive than "age" in above example, for example like In the Request Body: In the Response:, if the user is indeed older, repeat the reqye (Verification: Yes seems a bit ambiguous to me, especially if you combine it with other parameters). I would suggest to keep the answers the same as we do now with MC Match, ie. Y, N, N-NA. |
|
And as for the issue whether the end user is the same as the contract holder, the simplest way to solve this is by responding to an age verification request only when as a minumum alle th name attributes (First Name, Last Name etc) have a perfect match. If the name does not match sufficiently, it makes no sense to report an age verification. |
|
hi @HuubAppelboom, thanks for your comment. In France we have the same restriction |
|
to your comment @HuubAppelboom
don't you think that as the phone number has been retreived we should not have to compare other informaiton. |
|
Hi @GillesInnov35 , In case a minor is using the phone and the contract owner is a parent, the minor will fill out the phone number, and that will verify as correct, so then the age verification would not work, because for the age you are checking the date of birth of the parent. You need to test as a minimum that the user is the same individual as the contract owner, so by comparing the names it will show whether this is the case or not. So, if you ask me, it makes sense to offer age verification only as part of the Match api, or to combine it at least with name verification. Otherwise you are assuming that the telco knows who the end user is, which is often not the case. |
|
hi @HuubAppelboom, one comment to
From what I know, in 3-Legged authentication (which is a requirement for KYC APIs), the phone number is retreived through the authentication journey and should not be filled out. |
|
@GillesInnov35 Correct, if you decide to use the front end flow. In that case you can retrieve the phone number from the authentication journey. For any backend flow (like CIBA) that will not work. Anyway, the point is that it makes no sense to offer the Age Verification as a single attribute in the API without an additional identity check (for example based on a name match), because that will not work with most Telco's. Moreover, if you would provide its as such, it may lead to a confusing situation and wrong interpretation of the result. |
|
thanks a lot @HuubAppelboom, I totally agree with you that the more controls we put in, the more reliable the solution will be. My remark was just to clearly understand and not to limit attributes to a unique field of course. |
|
@GillesInnov35 An alternative control could also be the email address of the contract owner. If that matches, in mos cases you can also assume that the end user is the contract owner, and return the age verification result based on the age of the contract owner. In any case, I would strongly recommend to make the use of at least one of these checks mandatory within the API request. Most developers don't read documentation, and if you provide the API without these, you will see lots of cases where the developer assumes the age check is done against the date of birth of the end user. |
|
Thanks @HuubAppelboom for your comment. |
|
to all, |
|
@GillesInnov35 Hi Gilles, In the list of attributes there is also the middle name, can you add these as well to the proposal ? |
|
@HuubAppelboom , yes sure. I update the swagger design. |
|
Can we summarize the discussion like this ?
|
|
@GillesInnov35 Hi Gilles, sounds like a good summary to me. Regarding the tenure of the contract in case isVeried = False, how would that work and what would it proof ? We don't have many contracts which exsist longer that 18 years, and the phone number may also be passed along between family members.... |
|
Hi all, |
|
@javier-carrocalabor I agree that the first / family / middleName is relatively weak. However I see this as a minimum verification that should be done. In case you want a higher level of assurance, you can also ask for other identifiers, like idDocument, or email address, bank account number, your home address etc. For these cases (where you want more assurance), you can also advice customers t you use both the Age Verification api and the KYC Match API. |
|
hi @javier-carrocalabor , @HuubAppelboom , thanks for your contribution. |
|
Hi @GillesInnov35 , @HuubAppelboom , @javier-carrocalabor , Thank you for your active discussions. As KYC Match/Fill-in v0.1.0 release version is completed, we(KYC SP) can focus on this now.
I agree with this. For this problem, one thought I have now is that OIDF guys are going to introduce their activity and views on Age Verificaiton at our next meeting on 19th March, so we may be able to get some additional hints from them. @GillesInnov35 , Many thanks, |
|
@ToshiWakayama-KDDI Thanks a lot for the information. |
|
Hi all, we have discussed at Orange about the first proposition of an Age Verification API design.
We think that the API Age Verification API should expose a resource named /contactverify which would much reflect what could be definitely performed by the MNO. Nevertheless, if a age verification service /ageverify must be defined for example to cover Use Cases such as verifying 18+ 21+ 25+, the limitation due to restrictions and the probability lower than 100% must be clearly indicated (T&C) in order not to engage the MNO. |
|
@GillesInnov35 What do you mean by a resource named /contactverify ? I would not use this name, it is generating confusion,. As far is the inputs that are minimum required, we can also add other attributes to the input that can help to determine whether the end user in question and the contract owner are the same person. To avoid giving away too much information on the matching details, you will only report the result of the ageVerification request, not whether any of the attributes actually matches. For example, this how this could work: In the Request Body: In the Response body: This way you can also cater for scenarios where the MNO has validated the age of that particular user by others means (and you report the assuranceLevel at 100%, and you can also extend this apporach with more input parameters in the request body that can help identify whether the user and contract owner are the same individual. The above example includes email, but this could be extended further, for example with bank account number etc. The ageAssuranceLevel is something that the MNO determines, and it might be a good idea to draft some guidelines on this. |
|
@ToshiWakayama-KDDI @GillesInnov35 @javier-carrocalabor Regarding assurance levels, the assurance level of the Age Verification API and also of the KYC Match API strongly depends on the assurance level of the identity data that the MNO holds. It may be a good idea to add the assurance level of the data that the MNO uses in the response of the API. For Europe, a commonly used specification for identity assurance levels is that of eIDAS (see https://ec.europa.eu/digital-building-blocks/sites/display/DIGITAL/eIDAS+Levels+of+Assurance). For other regions other specifications may be used like that of NIST: https://csrc.nist.gov/glossary/term/identity_assurance_level For eIDAS, I would put for example something in the response like: (the level can be low, substantial or high) This way you can communicate how reliable the identity data is. Especially if there are telco's where no or hardly any identity verification is done during onboarding (level low) this will become relevant. And when extra effeort has been done (level high), this can also be reflected). |
|
Thanks @HuubAppelboom , a very interesting thought. |
|
@HuubAppelboom , to your comment
The objective was to differenciate the 2 opérations which have not the same objective
I understand that what is expected is mainly the second one. I've updated the PR #50 with Huub's proposition with an assurance level returned in the response to continue the discussion. |
|
@GillesInnov35 The Y/N is more of an advice form the MNO (because the MNO can see all data). What I expect with the Fuzzy Name Logic is that when you plot the cumulative distribution function of Score versus percentage of users is that there are sharp drop-offs in the data. The MNO can probably see this, and decide below which percentage you should not assume anymore that the end user is the contract owner. This cut-off probably varies per MNO, depending on the quality of the data the MNO has. As an alternative, the MNO can also provide just the ageVerificationScore when it is above the cut-off point, and when it is below the cut-off provide a N. |
|
@HuubAppelboom Question from me... relates to this concept"Telco applies either a Yes/No match or Fuzzy Name Matching logic".
|
|
I think it is only a good idea to provide the score if it is above a certain level (to be determined by the MNO). Come to think of it, we should also try to keep it in line what we have already defined in the answer for KYC Match (so [ true, false, not_available] ) So for example, let's assume the MNO has determined that the level should be at least 80% to provide an answer. Let's assume the score is now 95%, the answer will be: { or { In case the ageVerificationScore drops too low, or the data is insufficiently available, you provide { or, in case we must provide always the ageVerificationScore to avoid errors, we can also provide { |
|
On 2nd thought, with the idDocument may also have different valid values, for example in the Netherlands people can have a passport, driver license and id card, each of which is a valid identification document (and with a different number). If there is a match with a document number, it is a very strong indicator the end user is also the contract owner. In this respect, to calculate a total score for all the attributes provided, it may be a better idea to calculate a weighted average over all the inputs provided, to come to a total score, and to calculate a score with idDocument and email included and excluded. |
|
I'm sorry I couldn't attend to the latest call so maybe I am asking questions already answered. |
|
@StefanoFalsetto-CKHIOD What we try to do here is to identify whether the end user is over a certain age, and part of the assesment is trying to check whether the end user is also the contract owner (otherwise the data does not make sense). What are the other cases you are thinking about ? |
|
@HuubAppelboom Aligning to KYCmatch response values is a good idea, it would give consistency when we come to retrofit score attributes back into the KYCMatch product. I'm not sure of the value of an overall score if you're providing back the individual scores; the Client and/or Aggregator consuming the service can use the individual attribute scores to make their Machine Learning decision; not opposed to it, just not sure if a customer of the API would use it |
|
@KevScarr The advantage of just replying with the Age info and an overall score is that you can price this at a separate price point (as compared to make the Age Verification check part of the KYC Match API), and that you do not need to expose the additional information which may not be needed. If a customer would like to have the other data verified as well, and know the answer per attribute, they can run that through the KYC Match API. |
|
I'm not sure but in fact you propose to add those attributes in the AgeVerification request for being verify before age verification.
The Fuzzy Name Matching Logic will be only used for some them. Response will be
BR |
|
@HuubAppelboom Thanks, super clear. So under AgeVerify return a single score whereas in the match product, provide back the individual attribute scores. Make sense, today in our journeys, we have our customers call KYC-Match API first then the Age-verify API. |
|
@HuubAppelboom , @GillesInnov35 , @StefanoFalsetto-CKHIOD , @KevScarr , all, Thank you so much for the proposal and further discussion. Sorry for the late comment, but from KDDI side, I have discussed this internally with our product team, and for Age Verification, we don't think we need any additional attributes, i.e. we only need "phoneNumber: +31612345678 (e.g.)" and "ageVerification: 24 (e.g.)" in the Request Body and "ageVerification": True/False/not_available (e.g.) in the Response. So, from KDDI side, we would request to make any additional attributes optional and to make the Age Verification API work without any additional attributes. Our customers like this type of Age Verification (no frill) and we don't have any problem in Japan (and some other countries, I believe). We understand EU's case, so, if the additional attributes are necessary, it can be documented properly in the API documentation or in the MNO's service document, e.g. in EU countries, attributes AAA, BBB, CCC, DDD are necessary. So, for the API, these attributes are optional, but for the service in EU, they are mandatory. Best Regard, |
|
@ToshiWakayama-KDDI @GillesInnov35 @StefanoFalsetto-CKHIOD @KevScarr As a suggestion for making the input attributes optional, this can be done. In some markets you also may want to more input mandatory (for example email) to come to a reliable result. If we make all input paramaters optional, I suggest that we can also provide feedback when the API consumer has provided too little data to come to a reliable conclusion. For example, the response could look like: "ageVerification": true/false/not_available/insufficient input data provided |
|
@HuubAppelboom If inputs are optional then it makes sense to support an "insufficient" response to me. In the UK market, Pay-As-You-Go customers do not need to do a formal ID check and so can enter their own information on the MNO CRM system. So it may be appropriate to also have an 'unverified' response. Today in our age product, if the account is PAYG, or has multiple numbers on it (ie user and owner may be different) and the adult-content-bar is on, we don't provide a response. So it may be appropriate to return an "unverified" response and no score? |
|
@KevScarr Hi Kevin, it may indeed be a good idea to add an unverified response, in case you want to share such data. In this case we can have the following response options: "ageVerification": true/false/unverified/not_available/insufficient input data provided where unverified means true, but the data is not verified, and the ageVerificationScore is only provided in case of true or false. |
|
@KevScarr In our case, we don;t have any age data on prepaid users. The end-user vs contract owner issue we are trying to solve through the additional input data (givenName, middleNames, email). But ofcourseyou can always also exclude the multiple SIM group. |
|
@HuubAppelboom Superb, agree with your points and thanks for including unverified. |
|
Hi @GillesInnov35 , Hi all, As we have had very long discussions, could you summerise the conclusion before moving on to PR? It is difficult to see what proposals are remaining, I feel. A basic question, please. We have started Match Scoring discussion. As Age Verification has scoring feature, should it be aligned with Match Scoring? Thanks, |
|
hi @ToshiWakayama-KDDI, see bellow my understanding and I let @KevScarr and @HuubAppelboom update the summary
The request
The response
this is what has been mofied in the first design proposal in the PR #50:
|
|
To add to the above; we would support the Telefonica view for these attributes to be optional. Some use-cases don't have the full identity information available to check, where they do I would agree, KYC Match is a better fit to do a thorough check before calling this API. |
|
There seems to be a majority for not mandating any of the individual attributes; in this case, we can also omit the response "insufficient_data" and limit the response to "true/false/unverified/not_available". I do believe hower that it is still a good idea to ask for the attributes that can distinguish the end user from the contract owner in one and the same Age Verification API call. If you don't put it in one call, you will have to write an instruction like first you need to figure out whether the end user is the contract owner by calling KYC Match, and only if you think the end user is the contract owner, then it makes sense to call the Age Verification API (and otherwise you shouldn't). That may lead to a lot of mistakes by developers (because they didn't read the instruction, or they may try to cut costs by omitting the KYC Match call, etc). Putting the distinguishing attributes in the same call will prevent this kind of errors, it will reduce the total processing time, and you can position this call at a different price point than a full KYC Match call. |
|
hi @HuubAppelboom , @KevScarr , very interesting discussion. I agree with the fact that from a technical flows point of view, adding attributes of identity will avoid to consume 2 services (Match and AgeVerification). And in my opinion it's a good thing. |
|
Hi @GillesInnov35 , all, Thank you very much, Gilles. Good summary. Excellent. May I ask just a few questions for clarification, please?
'so age greater than 18' may not be always true, I think. It may be different from country to country, from operator to operator, so, we do not need this pharse, do we?
What do you mean by 'the global score'? Sorry, I just do not understand it. In addition, we would also support the Telefonica view for these attributes to be optional, as I have mentioned and commented some times. But Huub's latest comment is very interesting. Good point. I will share it internally with my colleagues. Many thanks, |
|
hi @ToshiWakayama-KDDI , find bellow my point of view and answers 1-
yes you're right regarding countries' law. "(so age greater than 18)" must to be removed
AgeVerification might return a aggregated score according all provided attributes score . Aggregated is a better word than global BR |
|
@GillesInnov35 @KevScarr @ToshiWakayama-KDDI In case no additional attributes are provided to asceration whether the end user is the contract owner, you could also provide for the score the chance that the end user is the contract owner and the age verification is correct, based on the statistics you may have accumulated with the KYC Match API. For example, if you know that on average in 72% of cases the end user is the contract owner, you can provide this as an aggregate score. And ofcourse if you do have additional attributes provided, you can make an aggregate score with those attributes. |
|
Hi @GillesInnov35 , I have one question from our internal discussion.
I understand attributes of identity will be optional. Under this assumption, the mandatory attribute to be put into the request body will be the age value only. Is this correct? Or, phoneNumber will be another mandatory attribute? Many thanks. |
|
hi @ToshiWakayama-KDDI, yes age value should be mandatory but as it is the case for the others KYC API the phone number will not be mandatory because in 3-Legged Authentication it will not be provided in the request body. |
|
As proposed by @ToshiWakayama-KDDI we could close this issue and continue the discussion in Issue #81 and PR #50. |
To start the discussion
Orange do not have implemented such a API
nevertheless this is a request with high priority
some key points
. countries' laws and data storage restriction (for example age of minor)
. What data are held by the MNOs : for some of them, only the primary phone number has been known
. API as a decision support with restrictions
Example of existing offer restriction: The MSISDN must belong to the bill payer (also known as the primary subscription on the account), The subscription must be pay monthly (PAYM, also known as post-pay)
creation of a Pull request
@ToshiWakayama-KDDI may I ask you to create a Pull request. I face a problem when creating a second PR when the last one has not been merged.
CAMARA Milestone:
YAML files with supporting documentation for all drop 2&3 APIs 'included AGE Verification) completed by the end of March 2024
Thanks
The text was updated successfully, but these errors were encountered: