Imagine a parent completing an age check when creating or verifying a social media account. Confident that the platform is secure, they have no reason to question the process or set up any additional content controls. Only to discover their 10-year-old has quite easily gained access to their account and has been watching inappropriate, and potentially harmful, content for months.
The account was verified, but the person using it was not.
This scenario is unfolding in millions of households, exposing a fundamental flaw in how online age verification works today.
The UK’s Online Safety Act, which took effect last July, marked a turning point for digital platforms. Under the Act, any platform accessed by under-18s in the UK must now verify users’ ages, with serious consequences for non-compliance, including significant fines, criminal prosecution, and domain blocking.
Despite this, a recent Ofcom report criticised TikTok, YouTube, Meta, and other major platforms for failing to do enough to protect children, finding that 84% of those aged eight to 12 were still using at least one major service with a minimum age of 13. A separate report by Internet Matters found that 46% of children believe age checks are easy to bypass, with 32% admitting to having done so recently.
For social media companies, the challenge is no longer simply implementing age checks; it’s ensuring those checks actually work.
Robust fused identity verification holds the key.
The Problem
Most age verification systems today, also known as age gates, rely on a single moment of trust. For example, a user provides a password, their date of birth, a form of ID, or a facial check, and the platform accepts that they are who they say they are from that point onwards.
However, increased digital literacy and advances in artificial intelligence have made these restrictions little more than an easy hurdle to jump. For example, voice cloning, once requiring specialised equipment and expertise, can now be performed with minimal audio samples and widely available tools. Meanwhile, synthetic faces and deepfake videos are becoming increasingly realistic, accessible, and harder to detect.
As William Tunstall-Pedoe, the technologist behind Alexa’s early voice technology, recently warned in an ITV News a interview, “we are rapidly heading for a world in which we cannot trust our own eyes and ears.”
This shift has direct implications for online age and identity verification. Even single-modal biometrics, such as a face scan or a voice print, can now be replicated. Once identity has been verified and access granted, platforms have no reliable way to know whether the same person is still using that account. A child who discovers their parent’s credentials or uses a deepfake to bypass parental controls, for example, breaks the link between the verified identity and the person actually in front of the screen. The door to potentially harmful content is opened.
The Solution
To make age verification effective, platforms need to move beyond a one-off gate. Instead, they need to maintain a continuous, verified link between a digital identity and the real person; confirming not only who set up the account but also who is using it at any given moment.
Fused biometrics provides a way to achieve this. In practice, it works like this:
- A user logs in or signs up to a platform, and their voice, speech and face are captured as part of the verification flow.
- Multiple biometric signals – voice, face, speech rhythm, facial movement, and liveness indicators – are analysed together in real time.
- Throughout the session, the system continues to monitor interactions. If the user’s indicators or their behaviour changes in a way – for example, the user switches or they appear to be under duress – the system flags it immediately and can restrict content or shut down the session.
The power of this approach lies in its multi-signal design. A single biometric signal (e.g. a voice or a face) can now be replicated easily. However, replicating multiple signals simultaneously, while maintaining consistency and realistic behaviour throughout an entire session, is significantly harder. This immediately raises the barrier to anyone attempting to bypass controls.
Crucially, fused biometrics also analyses behavioural characteristics such as speech rhythm, natural pauses, and micro-expressions – features that synthetic identities struggle to replicate convincingly. Real human interactions are inherently inconsistent in subtle ways that AI-generated interactions are not. When multiple signals are assessed together, these differences become much easier to detect.
This closes the gap between verification and actual usage, ensuring the person accessing an account is the same individual who was verified to set it up.
The Technology Exists – The Question is Adoption
The statistics make it clear; whilst age verification technology works, the verification process, as it stands, does not. Children are bypassing controls at scale, and the tools to do so are becoming increasingly accessible. Yet the technology to close this gap already exists. Fused biometrics represents a meaningful step change from the single-point checks that platforms currently rely on.
At FARx, our proprietary AI biometric technology is designed to recognise humans the way humans recognise each other, combining voice and face recognition to verify who is really on the other end of the device, continuously and reliably.
For more information on how our patented fused voice-face biometrics technology can effectively verify identity, get in touch with our expert team.