UK mobile operators launch age verification and anti-fraud APIs through GSMA Open Gateway initiative
Virgin Media O2, together with BT, EE, and Vodafone Group, have announced the commercial launch of new network technologies in the UK that will help online platforms verify customer ages and combat digital fraud.
Delivered through the GSMA Open Gateway initiative, CAMARA-standardised Application Programmable Interfaces (APIs) give developers simple, secure tools to protect consumers and comply with new UK safety laws.
The GSMA Open Gateway programme, now backed by more than 79 mobile operators worldwide, facilitates the design of digital products capable of operating seamlessly on all devices, regardless of the country or operator. Liberty Global has been part of this industry-wide initiative since launch at Mobile World Congress 2023.
The latest collaboration in the UK addresses two pressing challenges in the digital landscape: the need for robust age verification following new legal safeguarding laws and the escalating threat of online fraud.
The launch comes just weeks after the Online Safety Act came into force in the nation, mandating age checks for platforms hosting user-generated content. According to the Age Verification Providers Association, UK consumers are now undergoing five million additional age checks every day under the new law – highlighting the pressing need for scalable, frictionless verification.
On top of other CAMARA APIs already available in the market, the operators are now providing developers three further APIs to support consumer protection and fraud prevention:
- KYC Age Verification API (Available Now): Checks whether a customer is eligible for age-restricted products and services. Since operators already manage verified user data, such as date of birth linked to mobile numbers, they can provide a seamless and privacy-compliant solution for digital platforms. The API can be applied in various scenarios, including streaming services, gaming platforms, online marketplaces, and adult content websites.
- KYC Tenure API (Available Now): Helps build trust by providing a simple and efficient method to determine whether a phone number has been in use for a significant period, offering a strong indicator of user stability and reducing reliance on self-reported identity data. It checks whether the lifetime tenure of a given phone number is longer than an input date provided by the customer.
- KYC Match API (available by end of-2025): Allows businesses to cross-check customer-provided information with the verified records maintained by the user’s mobile network operator, as part of their KYC (Know Your Customer) process. This cross-check comparison can include details such as mobile phone number, name, postal code, address, birthdate, and email address. Importantly, no Personal Identifiable Information (PII) is shared in the process, ensuring user privacy while enabling secure and accurate verification.
Henry Calvert, Head of Networks, GSMA, said: “Age assurance is just one area where the smart use of mobile networks can support online entertainment and commerce sites, and safeguard consumers. By giving developers easier, secure access to the rich network functionality of mobile networks, we can also use network intelligence in the fight against fraud and scams. We’ve already seen the results UK mobile operators and banks have achieved through Scam Signal and look forward to building on these foundations.”
Matt Hemingway, Head of Network-As-A-Service, Virgin Media O2, said: “Through GSMA Open Gateway, Virgin Media O2 are taking a stand against digital fraud and identity theft. By launching these first APIs, we’re giving enterprises and developers the tools they need to deliver safer, more trusted digital experiences for consumers. This is a vital step in building a more secure connectivity ecosystem for the UK.”
