With iOS 26.4, Apple has turned every iPhone in the UK into an identity checkpoint. The update, released March 24, requires all UK users to confirm they’re 18 or older before accessing certain features and services on their Apple Account. Apple checks whether your account already has a credit card linked or whether the account has existed long enough to establish you as an adult.
For many existing users, the process is essentially automatic. For everyone else, the options narrow quickly: link a credit card, scan a government-issued photo ID, or accept that your account defaults to teen restrictions, with Apple’s Web Content Filter and Communication Safety features switched on across all browsers and messaging apps and FaceTime, monitoring communications.
This is obviously terrible news, but I take some relief in knowing that users with relatively old account will hopefully not have to go through ID verification. I also wonder if Apple can tell the difference between a credit card and debit card? I suspect they can’t. If memory serves me right, in the US only credit cards can be used online. Or least it was like that for a very long time. Whereas in Europe VISA debit cards could always be used online. You never needed a credit card. And teenagers can have checking accounts.
I hope that when you give your credit card once, and then only use gift cards to shop in the app store, Apple won’t ask you to verify your ID again.
Also, Apple allows you to change your name in your Apple ID profile. If my name on my Apple ID is Max Cob, but my legal name is Maxine Cobbleton, will they reject my ID verification?
What if I have a middle name? I’ve never shared my middle name with Apple. And what if the name on my credit card is not my name? Virtual Card providers allow you to create cards for family members, and it doesn’t need to have their name.
The fact that we a losing this fight does not give me hope for our fight against digital ID.
On the plus side, maybe this will make people (including some on this forum) realise that Apple cannot guarantee your privacy, since they have full control over what you can and can’t do on your (theirs) phone.
When California age-gates OSes, you will have those who have hardware they own, and those who have to give their information to a third-party to continue using their hardware.
and this is Apple-specific, Apple complies with absolutely every censorship/restriction from authoritarian leaders.
Apple can tell the difference between credit cards and debit cards.
If a user verifies with a driving licence, a unique digital signature is generated. That signature, the encrypted image of the driving licence, and the live facial confirmation are then sent to the DVLA (the UK’s equivalent of the DMV).
Many British people do not own a driving licence or a credit card (most UK users have a debit card, which cannot be used to verify)). Apple did not do their market research adequately.
Most alarmingly, Apple was neither requested nor required to implement Age Verification by Ofcom under secondary legislation or primary for that matter. Apple acted voluntarily and beyond scope.
Does this mean I was right about how debit cards work in the rest of the world compared to the US? Meaning they (American debit cards) cannot be used online.
This is exactly why I raised my point. I hope there is away banks can confirm a user is over 18 to Apple without apple receiving any personal information from them.
Thanks for clarifying. Was this always the case? I ask because I know that the US didn’t get chips in their credit cards until a good decade after Europe, if I am not mistaken.
I don’t think this is required by the Online Safety Act. There is no requirement for any kind of OS-level age checks. That’s the first reason to blame Apple.
The second is that not only does it restrict the installation of apps (not sure if only 18+ apps or even 16+ apps?) but it also scans all incoming and outgoing messages for nudity and blocks it and even filters the web. Apparently the internet blacklist applies both to Safari and third-party browsers and - according to some comment I saw on Reddit - it can’t even be circumvented with a VPN! This is clearly beyond the scope of the OSA which never mandated browser filters! (In fact, in the UK all ISPs already filter adult websites by default.)
New user here, longtime lurker. May be able to shed additional light on the issue. I updated to 26.4 the day it dropped, have not verified (refusing to).
The app install blockage was the “error” that Apple mentioned in that PR piece a couple weeks ago. App installs work across the board still, for new and previously downloaded apps, including 18+ rated ones (tested by starting a download of Resident Evil 4). Did think that was a little odd, but I’m not exactly for this change so I’ll look past it.
The website blocklist is applied to all browsers because the OS now enforces the use of Screen Time content filtering if you haven’t verified. While it’s the same setting you would previously find in the Settings app, you can’t turn this off if you haven’t verified either. Attempting to do so will just throw the verification screen up again. The filter list is set to “Limit Adult Websites”, whatever that means. In theory of course, this could change over time based on whatever is determined as fitting the bill. There aren’t any other content restrictions controlled by this yet, and I can freely change the age restriction for apps still.
The only other thing I’ve found so far is that turning on/off Safari extensions is now also disabled without verification. So you’d best be happy with what you had before you installed 26.4 because you can’t change it after if you don’t verify.
I haven’t personally verified the nudity blurring thing, but could absolutely see that being an additional thing that’s enforced here. Believe I read this on Reddit somewhere, but no supporting evidence iirc.
I’m also able to download third-party browsers as they’re all classified as “16+” which is apparently not blocked.
(I haven’t actually tried the web filters or how they can be circumvented (DNS? VPN? Tor Browser?) as my online iOS device is my work phone and I don’t want to visit porn sites with it)
If you go to Settings > Apps > Safari > Extensions, is that entire list (if any items exist) not greyed out for you? Not a single item is available for me to turn on/off, so getting new extensions will not be possible. I’m entirely reliant on previously installed extensions and their own controls.
Once again, app installs also do not appear to be blocked in any capacity. Only place I’ve seen cite a statement from Apple on this was The Verge (gift link below).
Apple’s statement was this:
Some users on the beta software in the UK temporarily saw a message suggesting age verification is required to download apps. That message was displayed in error, and has been fixed. Developers may continue to use the Declared Age Range API to provide age appropriate experiences for users.
They’re clearly calling attention to any restriction on installing apps in this version of iOS. Stands to reason that would change in future of course, but there is no restriction as of now.
No, it shows my one extension (uBO Lite) with the option to turn it off and a list of recommended extensions below and a “More Extensions” button linking to the App Store. Nothing greyed out for me. I have not verified my age and the Apple ID is about 4 years old.
It’s a company managed device though (through Microsoft Company Portal), not sure if that makes any difference? Maybe that makes Apple think “it’s probably an adult, we can turn off the silliest restrictions”. But that’s pure speculation.
That is odd, though I think you may be on to something. Could be that an assumption is being made there, i.e. the account on a provisioned corporate device must be an adult, or that the administrator has enforced it at a higher level. I would like to think the latter was at least an option.
I’m wondering - in practical terms what do we think is the superior privacy option here for iPhone users who do not need to access otherwise restricted websites/apps? Clearly there are privacy problems with uploading your identity documents; but equally failing to do so means you cannot disable some potentially intrusive protection features. If we’re assuming we’re not all throwing away our iPhones tomorrow, what do we think is the preferable option here?
There is a serious case to be made that since this isn’t mandated by law, your iPhone is now broken by design. This would seem to warrant a refund for warranty.