The UK’s new age verification law could benefit mobile network operators the most

The British government’s Online Safety Act went live on 25 July 2025. This law requires digital companies to put age verification mechanisms in place to limit children accessing ‘harmful’ online content. The implementation of this law has caused a great deal of controversy and has received a mixed reaction from the public. However, the law is unlikely to be withdrawn because governments around the world are already preparing to follow suit (including multiple US states, Canada and the European Union), using the UK as a model.

Most objections to the law focus on privacy concerns and are linked to intrusive age verification methods that involve ID uploads and facial scans, but mobile network operators (MNOs) are uniquely positioned to deliver a secure, low-friction alternative via mobile-number-based verification. Indeed, they have already seen a significant uplift in traffic for their Know Your Customer (KYC) Age Verification API, which in turn may kickstart their network API monetisation initiatives.

This article explores the current state of the age verification market in the UK, assesses MNOs’ progress and discusses the business case for MNOs.

MNOs have a unique advantage in the fragmented age verification market

The Online Safety Act has already affected a wide range of industries, such as social media, gaming and adult entertainment. Ofcom now requires all online platforms that host potentially harmful online content to implement ‘highly effective’ age verification, from a list of compliant methods such as photo ID matching, facial age estimation, open banking, MNO checks, credit card checks, digital identity wallets and email-based estimation. This has resulted in a fragmented landscape, though many major platforms are leaning towards photo ID and facial recognition.

New AI-driven approaches are also emerging. YouTube introduced its age estimation model on 13 August in the USA, which uses data points such as account age and watch and search history to estimate a user’s age. Various start-ups are also trialling experimental AI solutions that use voice characteristics, typing cadence, phone tilt and other behavioural biometrics to verify users’ ages.

All age verification methods come with trade-offs, but MNOs are uniquely positioned to offer a low-friction, user-friendly and privacy-preserving solution. MNO checks via the KYC Age Verification API require no personal data or photo uploads, just a mobile number and a one-time password. The result is a simple yes, no or inconclusive response. Conversely, estimation-based methods such as facial recognition, photo ID matching or email analysis rely on inference and often raise privacy concerns.

Open banking offers similar robustness but introduces friction by redirecting users to their banking app, which can disrupt the user journey and reduce conversion rates. MNO checks are also among the most cost-effective options from a commercial standpoint; they are often cheaper than facial age estimation and photo ID matching methods.

MNOs have seen strong traction for age verification checks since the Online Safety Act came into effect but face challenges in gaining market share

MNOs saw a significant surge in traffic in the days after 25 July. OneID, a leading identity verification provider specialising in open banking and MNO-based checks, reported over 3.4 million MNO age verification requests within just 5 days. It also noted a 3000% rise in traffic. Other identity verification providers, including Sekura.id and Yoti, reported similarly sharp surges in usage. Each KYC Age Verification API call costs an estimated USD0.20, so this volume of traffic has the potential to generate USD600 000 in revenue for UK operators from OneID alone in under a week, provided that every request returns a successful yes/no verification. When factoring in traffic from other providers, total revenue exceeding USD1.5 million is possible.

Traffic has naturally tapered off since the initial surge, but the average daily volume of age verification checks remains significantly higher than pre-legislation levels. This elevated activity could become a sustained norm if Ofcom moves to mandate regular, time-based age checks, as previously seen in France, where verification was recommended every 45 minutes in some cases (though this frequency proved very unpopular and was eventually abandoned). This reinforces the long-term value proposition for MNOs.

MNOs still face significant challenges in gaining share in the age verification market, despite this traction. MNO checks currently only provide a conclusive result in just over 50% of cases, meaning that just under half of all mobile numbers in the UK cannot be correlated with the age or personal details of an individual. This is far below the 85–90% success rate that most businesses demand. And therefore, in reality, the actual revenue earned by operators is likely to be around half of its potential. This is due to the following key factors.

• A large share of all SIMs are part of family plans, and the MNO can only check the age of the bill-payer, not the dependants. However, MNO checks can detect if a mobile number has parental locks in place, which indicate that the user is under 18.

• Prepaid connections, which make up 21% of mobile subscriptions in the UK, lack mandatory ID registration, thus reducing verification accuracy.¹

• Mobile virtual network operators (MVNOs) account for approximately 19% of mobile connections in the UK, but do not yet provide the KYC Age Verification API.¹

• MNOs were forced to throttle traffic on 25 July due to overwhelming demand and network capacity issues. This could continue to be a problem if traffic levels remain high.

MNO checks only succeed around 50% of the time, so businesses must rely on multiple fallback methods (provided by the identity verification vendor), which drives up costs and frustrates users with extra steps. MNO checks will remain too risky and inefficient to be a primary solution unless MNOs improve their coverage. Therefore, it is essential that MNOs address the above issues to stand a chance of gaining market share.

MNOs now have a business case to justify investments

MNO checks are not new; they have been available in the UK since 2016 as part of the Mobile Connect network API standardisation initiative. MNOs have long been aware of the limitations, yet progress to address them has been slow. The Online Safety Act now presents a clear business case, backed by hard data and regulatory momentum, to finally address these issues. Indeed, MNOs have a timely opportunity to strengthen their position while Ofcom actively investigates the effectiveness of age verification methods, penalises non-compliant platforms and potentially sets clearer minimum standards. Furthermore, MNO checks are the only verification method that do not charge for a ‘failed’ verification due to the high potential failure rate. The revenue potential is substantial, both in terms of volume and monetisable traffic, if MNOs can improve their success rates and reliability.

For more information on operator network API monetisation initiatives, network API demand and supply activities and a forecast of the network API market, see Analysys Mason’s NaaS Platforms and Infrastructure research programme.

¹ See Analysys Mason’s DataHub.