Age Verification Feedback

Per the updated FAQ for the announcement of Age Verification, I would like to suggest a hard limit of at least 1 or at most 2 alts who are eligible for the same age verification. People may have alts for various reasons, some being that they may not want people who know their main VRC account name (especially if that name exists outside of VRC on other platforms) and may not want to engage with the more hardcore gated content (cough18+STUFFcough) for fear of other users maliciously looking them up and then harassing them on other platforms or even irl. I realize that may be an extreme example, but I can imagine I am not the only one who has their VRC name as their other socials and tries to keep it as professional as possible especially those that are creators. And while you could just say... "Well. Then just verify your alt account." ...and I could just do that, but what if in doing so I lock my main account off from my favorite worlds and or avatars should those world/avatar creators put their creations behind Age Verification gates. I apologize in advance if this was hard to follow, I'm not the best at articulating my words, so I hope this made some sense... I would just greatly appreciate being able to keep my main and an alt with the same amount of access and not feel like I have a baby gate in my way on one or the other despite being a fully grown adult. -_-

I’d like to propose an expansion of the age-gating feature to include other instance types beyond group instances. Not everyone has access to a group they can host events through, nor do some users typically host 18+ events in group instances; these events are usually held in private instances, such as Invite+. Allowing anyone to create an age-gated instance would potentially better serve the community, especially adults who prefer to interact with others in their general age group without needing to rely on group instances.

For better management of invite-only instances, it would be desirable to integrate an Player API call for UDON so that one could query the status of the age verification and have it displayed on a tablet, for example.

VRChat has determined Persona can be trusted with a photo of your face and government ID. Persona is a VC-backed (arguably "tech bro") San Franciscan tech startup that's only existed since 2018. They operate out of a shared space behind a bar: https://maps.app.goo.gl/t5ebyhr9oTUhupMf9 Their privacy policy says (as I read it) that they explicitly have permission to take your personal information (selfie, photo of your government ID) and store it for years, and can and will send it to "vendors, agents...companies we've hired to provide customer service support..." and to "law enforcement [and] other government agencies." They say they'll use your personal information "to understand you and your preferences to enhance your experience and enjoyment" and for the purposes of "marketing, including to communicate with you about new services, offers, promotions, rewards, contests, upcoming events, and other information about our services and those of our selected partners..." and for "advertising, including display [sic] advertising to you..." Their privacy policy site also uses clickjacking to prevent you from copying the text of their privacy policy: https://withpersona.com/legal/privacy-policy These doesn't seem like the actions of a legitimate and trustworthy company, and there aren't enough guarantees that you won't be literally doxxing yourself. PII is extremely valuable and there's an entire industry of brokers that facilitate the sale and transfer of people's personal information--not to mention the risk of hacking, accidental disclosure, or a new and untrustworthy company being sloppy or reckless. These days AI can train off a photo of your face, and scams and identify fraud are extremely common. Personally, the only times I've had to provide a photo of myself holding an ID are for once-in-a-lifetime financial transactions. Never for a video game or social media. VRChat is willing to take the chance of making this de-facto-mandatory (i.e., the community normalizes it and it results in a greatly degraded experience if you don't comply)? The ask is a severe imposition and an invasion of privacy without adequate concern that the chosen data broker is trustworthy. Even the announcement incorrectly claimed your PII would be handled in accordance to the GDPR, but the company is actually based out of California, where regulations are far less strict, and fines far less burdensome.

I thought there was a canny for this already but I couldn't find it. I feel like the red for 18+ is a bit harsh and makes it feel a bit more scandalous than it actually is. I think changing it to purple or orange to mimic trust ranks would be a lot better and make it feel less like a marker you'd see on a sexually explicit website.

It seems like that there is a heavy implication that age verification is only for instances only. I would like to see the option for group owners to additionally enforce age verification to join / retain membership for their group. Example scenario: I'm a group owner with five hundred members. At some point I would like to make my group require age verification in order for users to retain membership in the group. When requiring age verification, any member who has not verified their age on their VRChat account via Persona gets a notification stating that they have 7 days to verify, or else they will be automatically removed from the group.

In both the original video and in the recent forum post you said you were likely to require age verification for gated content, e.g sexually suggestive avatars. Since most avatars in this game are atleast somewhat sexually suggestive, this will either create an immense pressure on people to hand over their ID to a third-party company (which is a horrible idea from a privacy standpoint). Or to just completely ignore the content gating system entirely. I foresee that people will just stop labeling their avatars as NSFW if you go through with this, rendering the content gating system useless. It will also create alot of social problems, where friends wont be able to see eachother's avatars, because some friends are more privacy conscious then others.

im not sure how this works but im 20 yrs old and i was want to get age verified if thats possible?

In the FAQ ( https://ask.vrchat.com/t/age-verification-faq/28458 ) it is stated the purpose of storing an ID hash is to: --- Detect duplicate IDs: When someone submits a verification, we compare it against our existing hashes. If we find a match, we know that ID has been used before and can reject the verification. Enforce bans: We can check if an ID was previously associated with a banned account, preventing banned users from verifying new accounts with the same ID. Enable multiple accounts: We can allow users to have more than one verified account using the same ID. Previously, this would have required keeping your full ID data with Persona. While this is not planned for initial launch, we are considering the feedback that you have given us. --- This indicates that you will be storing some sort of mapping between the hashed data (which you have not clarified what data is being used in this hash, please do so) and a VRC account. This is bad. While hashing data with a salt is a one way action, it is brute force-able. With time and resources (the amount of which decreases as technology progresses) these hashes can be cracked. Salting makes this not viable on a wide scale (cracking every hash in a leak at once), but targeted cracking is still very possible. If this database of hashes leaks (assuming the pepper leaks along with it), anyone with a grudge can dedicate time to crack a specific hash for the user that they have a grudge against. Likewise, high profile users like creators/vtubers are at high risk due to simply being more known. There is also not a ton of actual information stored on the ID itself, and much of it is in predictable formats (ie: dates, names, address, etc). Not to mention that supporting every ID type likely means that only a subset of this information will actually be used for the hash. This lowers the entropy of the input to the hashing function making it easier to crack a specific hash. Storing more sensitive data to increase the entropy is a cyclical loop, in that it presents more risk in the event of the hash being cracked. Storing an association between the hashed data and a VRChat account is not required to do 2 of the 3 goals of storing the hash: --- Detect duplicate IDs: No association is required to do this, you simple store the hash itself, and check against all hashes for each new ID added. You would have to do this anyway. Enable Multiple Accounts: If you choose to do this, you can simply stop checking against your hash store, delete hashes you have, and stop storing new hashes. Alternatively, If you would like to limit the number of accounts that can be used under one ID, you can continue the same way, but also store a value with the hash that represents the number of times it has been used to verify. Enforce bans: This one does not have a solution. However, this relies on VRChat having already allowed users to verify multiple accounts with one ID. This also assumes that the person is verifying under their own identity to begin with, which is made less likely by the previous sentence. Abusers of this system would also likely rack up many verifications/accounts as they would have to keep verifying as they got banned over and over. If a limit is in place for how many accounts can be verified under one ID, it would be reached. If there is no limit, that number would still climb higher than a normal user of the platform, warranting further investigation. --- Overall, if any sensitive information is planned to be used to generate the hash, IE: Name, ID#, address. Then I personally think storing the hash with an association to a VRChat account is dangerous, and should not be done. It is not really required to do the main purpose of storing a hash in the first place, preventing ID reuse, and increases risk to users in the event that the hashes are leaked. If no link between a specific VRChat account and their hashed private information is stored, then no individual VRChat user is identifiable.

Please offer reasoning below to the contrary, but I can't think of a valid reason for why you'd want to hide the fact that you are 18 or older. Conversely, I can think of reasons a bad actor might wish to hide that they were an adult in order to fit in better with groups they shouldn't be involved with. To that end, I believe that once you recieve verification, it should be a permanent feature on your profile unless someone can think of a valid reason for why this information should be hidden, this also means that Verified 18+ users shouldn't recieve the middle age verified without an age. Feel free to offer any thoughts!