Online Safety Act 2023 · GDPR-K · COPPA-aligned

Child-safe OAuth — zero child PII on your servers.

Businesses integrating age-gated platforms don't just need a boolean age check. They need a full parental consent flow, a proxy identity for the child, and the ability to honour revocation — without ever holding a child's real data.

Proveium handles the entire consent lifecycle. Your integration receives a verified age assertion and a proxy identity. The child's real name, email, and DOB never leave the parent's Proveium vault.

How it works

Four steps. One integration. Full parental control.

01
Child attempts to access your platform
Your OAuth flow redirects to Proveium. Age is detected as under your configured threshold.
02
Parental consent requested
Proveium notifies the linked parent via the app. The parent reviews your platform's data request and approves or denies.
03
Proxy identity issued
Proveium issues a masked email address and a signed age assertion to your platform. No real name, no real email, no DOB.
04
Parent retains full control
The parent can pause or revoke access at any time from the Proveium app. Revocation is immediate — your platform receives a webhook.

What your integration receives

Everything you need to deliver a safe, age-appropriate experience — nothing you shouldn't have.

Verified age assertion

A signed boolean or age-band claim. Never the actual date of birth.

Proxy identity

A masked email address scoped to your platform. The child's real email never leaves Proveium.

Consent receipt

A cryptographic record of parental approval — time-stamped, revocable, auditable.

Revocation webhook

When a parent revokes, your platform is notified in real time. No polling required.

Parental activity alerts

Parents receive push notifications for sign-in events on their child's proxy account.

Full audit trail

Every consent event, sign-in, and revocation logged immutably. Ready for regulatory review.

Built for the regulated internet

Child-safe OAuth is designed from the ground up to satisfy the frameworks that matter.

Online Safety Act 2023

Designed to support OFCOM age-assurance obligations without building your own identity stack — providing technical evidence for compliance reviews.

GDPR-K

No child personal data on your platform, ever. GDPR Article 8 consent is obtained and stored inside the parent's Proveium vault — not yours.

COPPA-aligned

Designed to support COPPA compliance — parental verification handled by Proveium before any processing occurs on your platform. Platforms retain their own COPPA obligations.

eIDAS compatible

Expand to EU markets without rework. Cryptographically signed age assertions are accepted across eIDAS-aligned jurisdictions.

Ready to build a safer platform?

Talk to our team about integrating child-safe OAuth into your platform. Implementation typically takes one sprint.