The European Union is developing a new open-source Android age verification app that will allow users to prove their age to online services while protecting their privacy. The application will serve as a toolbox component on which other member states can build their own customized solutions. The application is currently in the initial prototype stage and has not yet been put into production use. Additionally, its current version still lacks complete security features such as code obfuscation and anti-tampering measures.
While in theory, a homegrown age verification app would have significant advantages over entrusting sensitive information to a third-party age assurance company, plans for the app have sparked some backlash.
Plans for this app include using the Google Play Integrity API for device and app verification. The API checks whether the operating system is authorized by Google and whether the app was downloaded from the Play Store. This means that if you try to use the app on an Android system that is not authorized by Google, or if you try to download the app from a platform other than the Play Store, it will not work.
This feature is not yet implemented but is planned. If the plan goes ahead, it could restrict user freedoms and violate EU antitrust action against Google.
Many users and developers have expressed concerns about the Google Play Integrity integration plan on GitHub. Critics argue that such moves will lead to the EU's dependence on US technology giants and undermine the EU's digital sovereignty.
People who responded to the proposal in a GitHub issue recommended existing identity apps to developers, such as Yivi, a Dutch age verification app that works without the Google Play Integrity API and is available in open source app stores like F-Droid.
As of this writing, the issue remains unresolved, and a post on Reddit has drawn attention to it. However, the project's maintainers have yet to respond to these concerns.