A security investigation reveals significant vulnerabilities in age verification systems used by popular digital platforms such as Discord, ChatGPT, and Roblox, raising concerns about user privacy and data security.
Independent cybersecurity researchers discovered unprotected software files belonging to Persona, a major identity verification provider for these platforms, accessible through a U.S. government cloud environment. The leaked code, exceeding 53 megabytes, included thousands of source files linked to government intelligence programs, sparking widespread alarm among users.
Analysis of the files revealed a technical structure more extensive than a simple age estimation tool. The system incorporates up to 266 different checks, including support for reading electronic passport chips via near-field communication (NFC); sophisticated behavioral analysis mechanisms that measure the time users take to complete each field and interpret any pause as a sign of suspicion; and comparison of biometric images against global intelligence and criminal watchlists.
Further examination of the code indicates the system's ability to retain personal data for up to three years, contradicting platforms' claims of immediate or short-term deletion. This discrepancy has intensified scrutiny of data handling practices.
The code also shows technical support for financial compliance interfaces linked to U.S. government networks, such as FinCEN (Financial Crimes Enforcement Network) under the Treasury Department and Immigration and Customs Enforcement (ICE). This connection has prompted serious questions about the true nature and purpose of the system.
User trust had already been shaken months prior when Discord disclosed a breach via a third-party support service provider that compromised users' identification photos. Users later discovered that Discord had published and then deleted a page revealing that their data was being processed by Persona, the very company Discord claimed to have stopped using.
Facing increasing regulatory pressure from countries like Australia, which has imposed strict restrictions on those under 16, the UK, which has implemented the Online Safety Act, and the U.S., which has prioritized digital child protection, platforms like Discord have adopted more intrusive systems that require physical proof of age, either through a self-submitted video or by linking official identities to accounts.
Growing numbers of users are now migrating to TeamSpeak, a platform founded 25 years ago that had nearly been forgotten after Discord's rise. TeamSpeak has experienced unprecedented server strain due to a sudden surge in registrations.
This shift isn't driven by nostalgia but by a desire to regain privacy through complete self-hosting and high encryption without facial scanning. Some users are even reverting to older direct chat protocols from the 1990s, rejecting the centralized communication model altogether.
Organizations like the Electronic Frontier Foundation and Open Rights Group warn that biometric verification systems suffer from significant accuracy disparities for people of color and those with disabilities, and that linking physical identity to digital activity poses an existential threat to anyone who relies on pseudonyms to protect their safety.