alt Hacker NewsSo does this mean Discord is scrapping its new face verification requirement for users, or imply they’re no longer using this 3rd party service (Persona) to do it? The article wasn’t too clear on that.
Replies
> So does this mean Discord is scrapping its new face verification requirement for users,
No, they’re outsourcing the verification to an external company. Just not this one.
Side note: The verification is only if you want to remove content filters, join adult-themed servers and a couple other features. If you only want to chat with your friends and use voice then no verification is required.
K-id is the vendor they were proposing which did on device processing. They were trying to downplay the initiative by saying all the k-id data stayed on device.
This was undermined by the fact they were also trialling a switch to Persona (the vendor in the story), which did not uphold that guarantee. It was horrific optics to be reassuring people that it was ok because you didn’t save data but also be trialling a switch to a vendor which did save data, which I guess is a lot of the reason this vendor switch was cancelled. (Though it does call into question discord’s judgment that they thought this was a good idea).
Anyway, Persona was also breached which is how the government links were discovered and also probably a part of this decision. This is not to be confused with the breach in November of 5CA, _another_ vendor they used in the initial UK and Australia roll outs. The fact that two vendors were breached in four months is a good example of why this is a bad idea
Discord isn't scrapping its plans, just assuring people that one of the vendors they trialed in a sub-market they aren't moving forward with globally. They've been trying for a multi-vendor solution from the beginning and k-ID is the vendor they've been much more publicly happy with than Persona.
Today Discord also released a rather comprehensive (and good) recap of the plan so far, their apologies for some of their messaging mistakes, and what comes next: https://discord.com/blog/getting-global-age-assurance-right-...
(Also, from that post most notably mentioned about the global rollout is delayed in light of some of these vendor verification issues and also hoping to rollout a few more features to even further lesson the need for age verification by many users. One such feature being first-class opt-in "spoiler channels", which some servers had been using age restricted channels for that rather than opt-in roles and somewhat more complex role-based permissions.)