Cookie Settings
close

These items are required to enable basic website functionality.

Required

These items are used to deliver advertising that is more relevant to you and your interests.

These items allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features.

These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Let's talk!

Have questions or interested in Kairos AI? Contact our Sales team! Fill out the form below, and we'll get back to you promptly to assist with any inquiries.

Thank you!
Your submission has been received!
Oops! Something went wrong while submitting the form.
Back to Kairos Blog

AB 1043 Is Coming: Turn California’s New Age Signal into Safer, Higher-Converting Experiences

Published on
September 16, 2025
By
Team Kairos

California’s AB 1043—often called the Digital Age Assurance Act—marks a simple but significant shift: instead of every app guessing a user’s age, operating systems and app stores will send an age-bracket signal to apps. That shifts age assurance from a scattered, app-by-app problem to a shared layer of infrastructure. It’s privacy-preserving (no default ID uploads), it gives developers actual knowledge of a user’s age range, and it creates a clearer path to age-appropriate defaults.

What it doesn’t do is finish the job for you.

To comply and still grow, product and trust teams need a progressive age-assurance ladder: rely on the OS signal when it’s available, and step up seamlessly to low-friction checks—or hard verification—only when risk or regulation demands it. That’s where Kairos fits cleanly.

What AB 1043 actually changes (in plain English)

  • OS/App-store age signal. During device or account setup, a parent or guardian selects a child’s age/birthdate. The operating system and app store then expose a non-personal age bracket to apps (e.g., under 5; 5–9; 10–12; 13–15; 16–17; 18+).
  • “Actual knowledge” for developers. When your app requests and receives that signal, you’re expected to treat it as the primary indicator of age. In other words, you can act on it—and you’re presumed compliant when you do so in good faith.
  • Parental consent signaling (store context). If the user is under 16, the app store may have to capture and send parental consent status to developers as part of the signal.
  • Enforcement & scope. Civil penalties are enforceable by the California Attorney General; the bill is framed to minimize data sharing and reduce constitutional risk by avoiding blanket content mandates.
  • Timing. The law’s requirements kick in beginning January 1, 2027.

For product leaders, this means you’ll have a reliable, privacy-first way to know a user’s age range without forcing IDs at signup. For compliance leaders, it’s a clearer, auditable standard that reduces ambiguity around “actual knowledge.”

A practical playbook: the progressive age-assurance ladder

  1. Accept the OS age signal (default).
    Treat it as authoritative. Build your permissions, defaults, and safety rails around brackets (e.g., messaging, discovery, recommendations, in-app spending, and data sharing settings). Log receipt of the signal and key decisions for audits.
  2. Escalate to selfie-based age estimation (when needed).
    If the signal is missing (web contexts, legacy devices), inconsistent with observed risk, or the user is accessing higher-risk features (live chat, UGC creation, payments), use a one-selfie age estimate to keep friction low while preventing underage access to restricted features.
  3. Escalate to ID + liveness (for regulated or high-risk cases).
    Where law or policy requires strict proof (alcohol, adult, gambling, high-value transactions, appeals/overrides), move to document verification with liveness and optional biometric match. Keep this narrow and event-driven to protect conversion.

This ladder respects AB 1043’s privacy intent while giving you consistent guardrails, clear escalation points, and a strong audit trail.

Where Kairos fits (and why it complements AB 1043)

Kairos is API-first, with optional on-prem deployment. That means you can keep your existing identity stack and call only what you need, when you need it—no monolithic SDKs or heavy migrations.

  • Age Estimation via selfie (low friction): Gate mature features quickly when the OS signal isn’t available or is contradicted by risk signals.
  • ID Document Verification + Liveness (hard proof): Capture compliant proof of age when regulation or policy requires it, and use liveness to prevent spoofing.
  • Biometric Match (optional): Compare selfie to ID headshot to reduce impersonation in appeals or repeated failure scenarios.
  • API + On-Prem: Integrate over a clean API, and, if you have strict data residency or privacy requirements, deploy on-prem to keep sensitive media in your environment.

Implementation checklist

  • Signal intake & storage
    • Request OS/app-store age signal at download/launch and on account link.
    • Cache the bracket and consent status in your user record; store minimal metadata (timestamp, source, version).
    • Make the signal available to downstream risk and policy engines; never share it externally.
  • Age-bracket policies
    • Define defaults per bracket (DMs, social graph expansion, public discovery, recommendations, notifications, spending, personalization, ads).
    • Wire parental tools where relevant; reflect consent state from the store context.
  • Escalations
    • No signal → call Kairos Age Estimation (no document required).
    • Conflict or high-riskKairos ID + Liveness; optionally add biometric match to resolve appeals.
    • Log all escalations and outcomes with reason codes.
  • Auditing & appeals
    • Maintain an internal ledger: signal receipt, policy applied, escalations, and final decisions.
    • Provide an appeal path that upgrades assurance (e.g., from age estimate → ID + liveness).
  • Privacy by design
    • Minimize data (store age bracket, not full DOB, unless strictly needed).
    • Set retention aligned to legal needs and your threat model.
    • Segment storage for media (selfies/IDs) and restrict access.
  • Roadmap & readiness
    • Pilot on web and legacy surfaces where the signal won’t arrive.
    • Validate your January 2027 readiness with partners (payment, fraud, analytics).
    • Run an A/B: signal-only vs. signal+ladder to quantify conversion and safety deltas.

Why act now

Even before the effective date, aligning to AB 1043’s model pays off: your UX gets simpler (one source of age truth), compliance risk goes down (presumption of good-faith reliance on the signal), and your team can reserve heavier checks for the minority of cases that truly need them. That’s a win for families, regulators, and your funnel.

Ready to implement AB 1043 without killing conversion?
Kairos offers Age Estimation, ID Document Verification, Liveness, and optional Biometric Match—all via API, with on-prem available when you need to keep data in-house. Talk to sales now!

References & further reading

  • California Assembly Policy Committee Analysis of AB 1043 (age brackets, developer obligations, AG enforcement, privacy rationale). apcp.assembly.ca.gov
  • California Senate Judiciary Committee Analysis of AB 1043 (treat signal as primary; “actual knowledge”; presumption of compliance; privacy minimization). Senate Judiciary Committee
  • Legislative text summary indicating January 1, 2027 operative date and signal/API mechanics. LegiScan
  • Current status reporting that the Legislature has cleared AB 1043 and sent it to the Governor (signature deadline context). Politico
  • Assemblymember Wicks’ office: stakeholder and supporter context. a14.asmdc.org
  • Kairos product documentation (API-first), liveness and ID verification endpoints; on-premise option. Kairos

This post is for information only and does not constitute legal advice.

More from our Blog

Stay up to date on AI developments

Our experts weigh in on the latest industry technology.
From Blanket ID Checks to Smart Age Assurance: How to Comply with the UK’s Age-Check Rules Without Killing Conversion

In just two weeks of the UK’s age-gating taking effect (24 July → 8 August 2025), traffic cratered across the biggest platforms: Pornhub’s daily UK visits fell from 3.6m to 1.9m (-47%), XVideos also dropped 47%, and xHamster slid 39%—all from Similarweb data reported via the BBC; OnlyFans saw an additional ~10% decline in UK traffic over the same period.

Read post
BritCard: Digital ID’s Next Chapter—Promise or Peril?

The BritCard proposal put forward by Labour Together envisions a mandatory, universal digital identity credential—downloaded onto smartphones—that would verify right-to-work and right-to-rent status, streamline access to public services, and help combat illegal migration. As Kairos—a leader in AI-driven identity verification—continually monitors government digital ID initiatives, it’s crucial to examine the diverse perspectives emerging in the wake of the BritCard proposal and explore how it aligns with our mission to deliver secure, user-centric identity solutions.

Read post
Introducing Our New Liveness Model: A Leap Forward in Biometric Security

Discover Kairos' latest breakthrough in biometric security with our new liveness model. Designed for passive, selfie-based liveness verification, this enhanced model leverages more data, advanced deep learning backbones, and improved score distributions to deliver greater accuracy and security against spoofing attacks. Experience a seamless and robust authentication process that stays one step ahead of emerging threats.

Read post
Adoption of Digital Identity in Airline Transit: A Global Overview

Digital identity is transforming international air travel by replacing paper documents with biometrically verifiable digital credentials. This report chronicles the evolution of travel identity from biometric passports (ePassports) introduced in the mid-2000s through emerging digita (IATA One ID biometrics trial cuts airport processing times by 40% | Biometric Update)ntials (DTCs) in the 2020s. It analyzes the key stakeholders—global bodies like ICAO and IATA, national authorities, industry () privacy advocates—and the technologies and standards enabling a seamless passenger journey. Case studies from India, Singapore, the EU, the U (Skip the Surveillance By Opting Out of Face Recognition At Airports | Electronic Frontier Foundation)try initiatives illustrate both the successes and challenges of implementation. International regulations (e.g. ICAO Annex 9 and 17 standards, GDPR in Europe) provide a legal framework, while outcomes are evaluated in terms of security enhancements (e.g. fraud reduction), efficiency gains (faster processing), passenger experience, and inclusivity. The findings show that digital identity systems can sign ()duce queues and identity fraud** (for instance, biometric boarding cut boarding times by up to 9 minutes and U.S. border biometrics have intercepted thousands of imposters). However, concerns around privacy, data security, system reliability, and bias remain pressing. Best practices emerging from early adopters include robust governance partnerships, privacy-by-design (with informed opt-in consent), open standards for interoperability, and maintaining alternative processes for those unable to use digital IDs. Looking ahead to 2030, the report forecasts accelerating global adoption of digital travel identity—potentially leading to a “passportless” travel experience—contingent on addre ()y and equity issues. Recommendations urge stakeholders to collaborate on common standards (like W3C Verifiable Credentials and ICAO DTC), invest in secure infrastructure and public education, enact clear legal protections, and ensure that convenience does not come at the expense of rights. With careful implementation, digital identity can enhance both security and facilitation in air travel, making processes faster and more user-centric while upholding privacy and trust.

Read post
Special Report: Government-Issued Digital Identity - Implementations in the US, UK, and Europe

Digital identity programs are transforming how citizens prove who they are both online and in person. In a recent commentary in The Times, Tony Blair emphasized that embracing technology—including digital identity and face recognition—provides governments with the tools to modernize public services while countering populism and enhancing crime prevention. Governments in the United States, United Kingdom, and across Europe are now rolling out centralized digital identity cards and systems that leverage advanced verification technologies. These systems aim to enhance security, prevent fraud, and streamline access to services while empowering citizens with robust, government-issued credentials.

Read post
Face Recognition Bias: From Rashida Tlaib’s Caution to Technical Solutions

In a recent open letter, Rep. Rashida Tlaib raised important concerns about the use of facial recognition technology in everyday environments. Tlaib highlighted that if these systems aren’t carefully designed, they can exhibit significant racial bias—misidentifying individuals of color at a much higher rate than white individuals. In her letter, she stressed the need for caution and thorough review, pointing out that studies have shown these systems may not work equally well across all communities. Her message isn’t an attack on any particular retailer; rather, it’s a call for everyone involved—from developers to companies deploying the technology—to ensure that fairness and accuracy are built into these systems from the ground up.

Read post
Kairos: Pioneering Online Safety for Kids in the Age of the Digital Revolution

In today’s digital jungle, keeping our kids safe online isn’t just an option—it’s an absolute must. Did you know that a shocking 22% of 8- to 17-year-olds are lying about being over 18 on social media? (BBC News) With the UK Online Safety Act set to be enforced in 2025, it’s clear that the digital world is about to undergo some major changes. And guess what? Kairos is ready to be the game-changer in creating a safer internet for our children.

Read post
How Facial Recognition is Revolutionizing Super Bowl LIX Security

When you think about the Super Bowl, images of incredible athleticism, passionate fans, and unforgettable halftime shows come to mind. But behind the scenes, a high-tech security infrastructure is working overtime to ensure that the event remains safe and secure for everyone. One of the standout technologies making a significant impact is facial recognition. Let’s dive into how facial recognition is being used at Super Bowl LIX, its benefits, and how it fits into a broader ecosystem of AI-driven security measures.

Read post
Why you don't need to worry about generative AI deepfakes with Kairos

Threat actors use generative AI deepfakes to create or manipulate facial images for identity fraud. The process involves either generating new faces or altering existing images tailored to the victim's identity or created to pass as a legitimate user using generative AI. To address the problem specific image capture security protocols and a robust liveness algorithm should be used to effectively block generative AI spoofing attempts.

Read post
Best Practices for ID Document and Selfie Submissions

This guide outlines essential practices for capturing and uploading ID documents and selfies, ensuring a smooth and secure digital onboarding experience. By adhering to these guidelines, users can significantly enhance the accuracy of identity verification, reducing errors and improving the overall success rate.

Read post
The Mechanics of AI in Identity Verification

As the landscape of digital identity verification rapidly evolves, Artificial Intelligence (AI) is at the forefront, reshaping traditional approaches. This deep dive into AI's role in identity verification is for those familiar with the nuances of data science and computer science.

Read post
The Role of Deep Learning in Facial Recognition Technology

Deep Learning, particularly Convolutional Neural Networks (CNNs), has revolutionized facial recognition technology. This layered approach enables the model to discern intricate facial patterns, enhancing recognition accuracy. Backpropagation, a key mechanism in CNNs, refines these features, significantly improving the model's ability to distinguish subtle facial characteristics.

Read post
AI Frontiers: Kairos Untangles Face Recognition Bias

Misidentification of people based on ethnicity, gender, and age plagues the facial recognition industry, and it’s a continuing mission of ours to fix this problem.

Read post
Understanding IDV: The Keystone of Digital Trust

In our increasingly digital world, 'IDV' or identity verification is more than a buzzword; it's a fundamental component of online security and trust.

Read post
Kairos Brings Back Founder Brian Brackeen To Continue Work Addressing Algorithmic Bias

Kairos, the Miami based face recognition provider who gained global attention in 2018 for its early stance to highlight algorithm bias in face recognition systems, has brought back Brian Brackeen, the founder of the company who in the same year was separated from his position as CEO preceding a legal battle which ended in Brackeen’s favor.

Read post
© 2024 Kairos AR, Inc.
PrivacyTerms