{"id":15861,"date":"2026-02-19T10:36:29","date_gmt":"2026-02-19T17:36:29","guid":{"rendered":"https:\/\/jasonsblog.ddns.net\/?p=15861"},"modified":"2026-02-19T10:36:29","modified_gmt":"2026-02-19T17:36:29","slug":"hackers-expose-age-verification-software-powering-surveillance-web","status":"publish","type":"post","link":"https:\/\/jasonsblog.ddns.net\/index.php\/2026\/02\/19\/hackers-expose-age-verification-software-powering-surveillance-web\/","title":{"rendered":"Hackers Expose Age-Verification Software Powering Surveillance Web"},"content":{"rendered":"\n<p>It&#8217;s worth pointing out that Discord has been used for some of the more recent color revolution attempts around the world, so think CIA and US government. Now we see Discord was going to use Persona, linked to Peter Thiel, who is heavily connected to western governments via Palantir&#8230; If a lot of the details below are accurate, it paints a disturbing picture of the coming digital Panopticon and how problem people will be locked out. And development is perhaps farther along than people realize.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.therage.co\/persona-age-verification\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.therage.co\/persona-age-verification\/<\/a><\/p>\n\n\n<div class=\"wp-block-ub-divider ub_divider ub-divider-orientation-horizontal\" id=\"ub_divider_36352fb1-4ca0-4845-bfdf-8dd931ccd75c\"><div class=\"ub_divider_wrapper\" style=\"position: relative; margin-bottom: 2px; width: 100%; height: 2px; \" data-divider-alignment=\"center\"><div class=\"ub_divider_line\" style=\"border-top: 2px solid #ccc; margin-top: 2px; \"><\/div><\/div><\/div>\n\n\n<h5 class=\"wp-block-heading\">Three hacktivists tried to find a workaround to Discord\u2019s age-verification software. 
Instead, they found its frontend exposed to the open internet.<\/h5>\n\n\n\n<p>By L0la L33tz<\/p>\n\n\n\n<p>Ten days ago, the social chat app Discord <a href=\"https:\/\/discord.com\/press-releases\/discord-launches-teen-by-default-settings-globally\" target=\"_blank\" rel=\"noreferrer noopener\"><u>announced<\/u><\/a> that it would launch \u201cteen-by-default\u201d settings for its global audience. As part of this update, all new and existing users worldwide will have a teen-appropriate experience, with updated communication settings, restricted access to age-gated spaces, and content filtering that preserves privacy and meaningful connections, the platform said.<\/p>\n\n\n\n<p>This, of course, means that to use Discord the way you are used to, you\u2019ll have to let it scan your face, and the internet wasn\u2019t happy. Many communities quickly announced their move to other platforms. Others, like the security researcher Celeste, who goes by the <a href=\"https:\/\/x.com\/vmfunc\" rel=\"noreferrer noopener\" target=\"_blank\">handle<\/a> vmfunc, were convinced there would be a workaround.&nbsp;<\/p>\n\n\n\n<p>Together with two other researchers, they set out to look into Persona, the San Francisco-based startup that\u2019s used by Discord for biometric identity verification \u2013 and found a Persona frontend exposed to the open internet on a US government authorized server.<\/p>\n\n\n\n<p>In 2,456 publicly accessible files, the code <a href=\"https:\/\/vmfunc.re\/blog\/persona\" target=\"_blank\" rel=\"noreferrer noopener\"><u>revealed<\/u><\/a> the extensive surveillance Persona software performs on its users, bundled in an interface that pairs facial recognition with financial reporting \u2013 and a parallel implementation that appears designed to serve federal agencies. 
On Monday, Discord <a href=\"https:\/\/redact.dev\/blog\/discord-persona-age-verification-experiment\" target=\"_blank\" rel=\"noreferrer noopener\"><u>stated<\/u><\/a> that it will not be proceeding with Persona for identity verification.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/www.therage.co\/content\/images\/2026\/02\/the-rage-persona-dashboard-1-1.png\" alt=\"\"\/><figcaption class=\"wp-element-caption\">Screengrab of Persona&#8217;s exposed interface displaying a US government systems notification. <a href=\"https:\/\/vmfunc.re\/blog\/persona\" rel=\"noreferrer noopener\" target=\"_blank\">source<\/a><\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"persona-beyond-age-verification\">Persona, Beyond Age Verification<\/h2>\n\n\n\n<p>Persona Identity, Inc. is a Peter Thiel-backed venture that offers Know Your Customer (KYC) and Anti-Money Laundering (AML) solutions that leverage biometric identity checks to estimate a user\u2019s age and use a proprietary \u201cliveliness check\u201d meant to distinguish between real people and AI-generated identities. At a $2 billion <a href=\"https:\/\/vcnewsdaily.com\/persona\/venture-capital-funding\/vbxfnzhjvl\" target=\"_blank\" rel=\"noreferrer noopener\"><u>valuation<\/u><\/a>, Persona powers identity verification processes for the likes of OpenAI, Roblox, Heritage Bank, and the ride-sharing service Lime.&nbsp;<\/p>\n\n\n\n<p>Persona feeds on a growing trend of age-verification legislation that is making its way around the world. From the EU\u2019s Chat Control to the UK\u2019s Online Safety Act and the KOSA and EARN IT Acts proposed in the US, governments argue that as long as we can verify anyone\u2019s age on the World Wide Web, we can keep children safe from the dangers of free information. 
This, it seems, is far from true.<\/p>\n\n\n\n<p>Beyond offering simple services to estimate your age, Persona\u2019s exposed code compares your selfie to watchlist photos using facial recognition, screens you against 14 categories of adverse media from mentions of terrorism to espionage, and tags reports with codenames from active intelligence programs consisting of public-private partnerships to combat online child exploitative material, cannabis trafficking, fentanyl trafficking, romance fraud, money laundering, and illegal wildlife trade.<\/p>\n\n\n\n<p>Once a user verifies their identity with Persona, the software performs 269 distinct verification checks and scours the internet and government sources for potential matches, such as by matching your face to politically exposed persons (PEPs), and generating risk and similarity scores for each individual. IP addresses, browser fingerprints, device fingerprints, government ID numbers, phone numbers, names, faces, and even selfie backgrounds are analyzed and retained for up to three years.<\/p>\n\n\n\n<p>The information the software evaluates on the images themselves includes \u201cSelfie Suspicious Entity Detection,\u201d a \u201cSelfie Age Inconsistency Comparison,\u201d similar background detection, which appears to be matched to other users in the database, and a \u201cSelfie Pose Repeated Detection,\u201d which seems to be used to determine whether you are using the same pose as in previous pictures.<\/p>\n\n\n\n<p>In short, the software \u201cflags you as a \u2018suspicious entity\u2019 based on your face alone,\u201d the researchers write. An act that may prove dangerous, as Persona\u2019s software has <a href=\"https:\/\/archive.ph\/YEx3E\" target=\"_blank\" rel=\"noreferrer noopener\"><u>reportedly<\/u><\/a> made significant mistakes when attempting to estimate the age of users in the past. 
When paired with AML reporting, such suspicious analysis can quickly <a href=\"https:\/\/www.cato.org\/blog\/how-suspicious-activity-can-get-you-debanked\" target=\"_blank\" rel=\"noreferrer noopener\"><u>lead<\/u><\/a> to the unjust termination of bank accounts. And that seems to be exactly what Persona was built to do.<\/p>\n\n\n\n<p>In addition to facial recognition, Persona\u2019s software is able to perform checks on financial data \u2014 including running checks on sanctions lists, running checks on cryptocurrency activity via the blockchain analysis firms Chainalysis and TRM Labs, and an interface to file suspicious activity reports (SARs) directly with US and Canadian federal agencies.<\/p>\n\n\n\n<p>It\u2019s nothing spectacular for a KYC\/AML program, but it marks a <a href=\"https:\/\/therage.co\/banks-aml-inefficient-access-to-social-media\/\" rel=\"noreferrer noopener\" target=\"_blank\">growing trend<\/a> in AML compliance where financial service providers increasingly utilize AI features, such as automated social media screening, to determine risk scores for their customers. This carries inherent risks of discrimination based on factors such as race or political affiliation.<\/p>\n\n\n\n<p>Identity verification efforts like these mislead people into thinking you\u2019re more protected. On the contrary, Celeste tells The Rage, \u201cyou&#8217;re making the internet less safe, not safer.\u201d \u201cNormies\u201d, they say, \u201cwon\u2019t be able to bypass these,\u201d while less benevolent people \u201cwill always find ways to exploit your system.\u201d&nbsp;<\/p>\n\n\n\n<p>Computer scientists have long sounded the alarm that a central database of thousands of ID documents will always be a lucrative target for attackers. 
Just last year, 70,000 ID photos were <a href=\"https:\/\/www.theguardian.com\/media\/2025\/oct\/09\/hack-age-verification-firm-discord-users-id-photos\" target=\"_blank\" rel=\"noreferrer noopener\"><u>stolen<\/u><\/a> from Discord and held for ransom. Every week, a <a href=\"https:\/\/archive.ph\/yjy7W\" target=\"_blank\" rel=\"noreferrer noopener\"><u>new leak<\/u><\/a> places people at risk of identity theft.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"a-wake-up-call\">A Wake-Up Call<\/h2>\n\n\n\n<p>At best, Persona can be used to create comprehensive surveillance graphs of users for the companies it serves, the researchers say. At worst, the software could file automated reports directly with the government.<\/p>\n\n\n\n<p>The exposed code, which has now been removed, sat at a US government authorized endpoint that appears to have been isolated from its regular work environment, according to the researchers. It is unusual for such a program to sit on dedicated infrastructure, and not on Cloudflare or Persona\u2019s shared systems, the researchers say.<\/p>\n\n\n\n<p>\u201cYou do this when the data requires compartmentalization. When the compliance requirements for the data you\u2019re collecting, demand that level of isolation. 
When the damage of a breach is bad enough to warrant dedicated infrastructure,\u201d the researchers say.<\/p>\n\n\n\n<p>From the publicly exposed domain, titled \u201copenai-watchlistdb.withpersona.com,\u201d which appears to query identity verification requests on an OpenAI database, the researchers found a FedRAMP-authorized parallel implementation of the software called \u201cwithpersona-gov.com.\u201d&nbsp;<\/p>\n\n\n\n<p>FedRAMP, or the Federal Risk and Authorization Management Program, is a United States federal government-wide compliance program founded in 2011 that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.&nbsp;<\/p>\n\n\n\n<p>The program, according to the researchers, performs product analytics and user behavior tracking on a government identity-verification platform, provides real-time user monitoring \u2014 every click, every page load \u2014 on a FedRAMP platform processing PII and biometrics, and includes financial identity-verification capabilities on the government platform. All of these features, the researchers note, may also be available in the implementation used by OpenAI, though no direct feedback between the two platforms could be determined.<\/p>\n\n\n\n<p>The difference seems to be that OpenAI may have created an internal database for Persona identity checks that spans all OpenAI users via its internal watchlistdb. \u201cThey quickly used this opportunity to go from comparing users against a single federal watchlist, to creating the watchlist of all users themselves,\u201d the researchers write, noting that this is not necessarily a new development. 
Persona\u2019s CEO has since personally reached out to the researchers, but the watchlist has not been addressed, says Celeste.<\/p>\n\n\n\n<p>The government implementation, on the other hand, features data that is served by an ONYX deployment \u2014 a mere coincidence in name, or a potential link to <a href=\"https:\/\/www.forbes.com\/sites\/thomasbrewster\/2025\/09\/18\/ice-spends-millions-on-social-media-spy-tech-banned-by-meta-facebook\/#:~:text=Fivecast%20Onyx%2C%20which%20claims%20to%20use%20AI%20to%20turbocharge%20open%20source%20intelligence.%20That%E2%80%99s%20part%20of%20a%20%244.1%20million%20contract%20signed%20in%202023%20under%20the%20Biden%20administration\" target=\"_blank\" rel=\"noreferrer noopener\"><u>Fivecast ONYX<\/u><\/a>, as the researchers point out \u2014 an AI-powered \u201copen source\u201d surveillance platform purchased by ICE for $4.2 million in 2023, the same year that Persona\u2019s now exposed service first came online.<\/p>\n\n\n\n<p>Fivecast ONYX offers the automated collection of multimedia data from social media and the dark web, the building of \u201cdigital footprints\u201d from biographical data, and can track shifts in sentiment and emotion, assign risk scores, search across 300+ platforms and 28+ billion data points, and identify people with \u201cviolent tendencies.\u201d Just like Persona, Fivecast ONYX specifically <a href=\"https:\/\/www.fivecast.com\/industry-segments\/financial-crime\/the-power-of-osint-for-kyc-and-aml-investigations\/\" target=\"_blank\" rel=\"noreferrer noopener\"><u>sells<\/u><\/a> its services for KYC\/AML to financial institutions.<\/p>\n\n\n\n<p>The researchers note that no direct link to a Fivecast ONYX implementation could be found. Persona Identity, Inc. 
does not appear to hold government procurement contracts at this time.<\/p>\n\n\n\n<p>The entire service appears to be powered by an OpenAI chatbot that runs on the same government platform that handles SARs, facial biometrics, and watchlist screening \u2014 operators using AI chat assistance while reviewing suspicious activity reports and facial recognition matches, the researchers say. \u201cThe code doesn\u2019t show PII flowing to OpenAI but honestly the questions about what context the copilot has access to are worth asking.\u201d&nbsp;<\/p>\n\n\n\n<p>The researchers hope that their findings will serve as a wake-up call. \u201cThe internet was supposed to be the great equalizer. Information wants to be free, the network interprets censorship as damage and routes around it, all that beautiful optimism. And for a minute it was true,\u201d Celeste tells The Rage.<\/p>\n\n\n\n<p>But with surveillance capitalism as the default business model, \u201cthey took the most powerful communication technology in human history and turned it into a slot machine that makes you sad. We&#8217;re all rats in a Skinner box pressing the lever for pellets of validation.\u201d<\/p>\n\n\n\n<p>\u201cThe state wants to see everything. The corporations want to see everything. And they&#8217;ve learned to work together.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It&#8217;s worth pointing out that Discord has been used for some of the more recent color revolution attempts around the world, so think CIA and US government. 
Now we see Discord were going to use Persona, linked to Peter Thiel who is heavily connected to western governments with Palantir&#8230; If a lot of the details [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,7],"tags":[],"class_list":["post-15861","post","type-post","status-publish","format-standard","hentry","category-tech","category-world"],"blocksy_meta":[],"featured_image_src":null,"author_info":{"display_name":"Jason","author_link":"https:\/\/jasonsblog.ddns.net\/index.php\/author\/jturning\/"},"_links":{"self":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/15861","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/comments?post=15861"}],"version-history":[{"count":1,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/15861\/revisions"}],"predecessor-version":[{"id":15862,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/15861\/revisions\/15862"}],"wp:attachment":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/media?parent=15861"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/categories?post=15861"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/tags?post=15861"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}