EU age verification app: "Worry-free package" with security vulnerabilities
_tk_
35 points
1 comment
April 19, 2026
Related Discussions
Found 5 related stories in 75.5ms across 5,012 title embeddings via pgvector HNSW
- EU age verification app hacked, 2 minute How to posted johanstokking · 73 pts · April 17, 2026 · 73% similar
- The unfortunate need for an "age verification" API for legal compliance turrini · 18 pts · March 03, 2026 · 62% similar
- Age verification on Systemd and Flatpak londonanon · 105 pts · April 03, 2026 · 60% similar
- System76 on Age Verification Laws LorenDB · 57 pts · March 06, 2026 · 59% similar
- I'm reluctant to verify my identity or age for any online services speckx · 909 pts · March 03, 2026 · 59% similar
Discussion Highlights (1 comments)
hiciu
I'm not affiliated with the project, just curious. So there's demo app in the eu-digital-identity-wallet/av-app-android-wallet-ui github repo, I believe this is what's being tested. This is obviously not an app for an end user, it looks more like a template, to be implemented / integrated on the national level. There's also this controversial requirement for attestation / google play integrity / tpm on the device. That's not implemented in the demo app, in fact the twitter video linked in the article clearly shows security researcher launching a total commander android app with super user privileges. IMO selling this as an "EU age verification app" by the commission is dishonest. edit: so in the linked twitter thread, the security researcher is aware that this is demo app. So not only commission here is being dishonest...