This document describes the security assessment of the age verification solution developed in the context of the EUConsent project. The purpose of the assessment was to provide a review of the security posture of the ecosystem and solution architecture, as well, as to identify potential weaknesses in its design.
This security assessment covers the design of the Age Verification solution of the EUConsent project. The major building blocks that make up the solution are:
- User’s device
- Service Provider (SP)
- Age Verification Providers (AVP)
- eIDAS node network
- Identity Providers (IDP)
During the assessment, the focus was on the functional and technical security of the first 3 building blocks. As the solution is only integrating the eIDAS node network as provided and connected IDP’s that have been formally reviewed under the eIDAS regulation, these components were out of scope for this assessment.
Find out more details from the report, download the document using the dedicated button.