Children's Access Assessment and the Easy Way to Comply with the Online Safety Act

Momentum is building around the Online Safety Act (OSA) as the UK takes bold steps to make the Internet safer for children. At OneID®, this mission aligns closely with our purpose. We’re committed to helping online services easily, effectively, and without compromise comply with the OSA. 

The Online Safety Act requires online services to implement measures that will protect children from harm. The Children’s Access Assessment (CAA) is a cornerstone of the OSA. If your platform qualifies as a user-to-user or search service, you must complete this assessment within three months of Ofcom publishing its guidelines.

Ofcom published its statement on age assurance and children's access assessment on 16 January 2025. This effectively mandates online businesses complete their access assessment by 16 April 2025. 

So, does your website need to comply with the UK's Online Safety Act? If you operate platforms like:

• Dating apps
• Social media platforms
• Video-sharing services
• Gaming platforms
• Online retail sites (with user-generated reviews)
• Adult content services

…you will need to prepare for the Online Safety Act.

How to conduct a Children’s Access Assessment?

The Children’s Access Assessment involves two stages. Stage 1 requires platforms to answer one key question: ‘Is it possible for children to access your service?’

To confidently answer ‘no’ to this question and prevent under-18s from accessing harmful content on your platform, you must use a highly effective age assurance (HEAA) solution, such as OneID®’s age verification. Just this one simple integration on your platform, you can conclude that children cannot access your service and record it in your assessment. That’s it; you don’t need to go through stage 2!

What happens if you don’t have highly effective age assurance?

The process becomes more complex if you don’t have HEAA or the answer to your children’s access assessment is ‘yes – children can access services’. You’ll need to proceed to stage 2 to determine if the ‘child user condition’ is met. This applies if:

1. A significant number of children are using the service; and/or
2. The service is likely to attract a significant number of children.

You can only decide on this by reviewing user data and the nature of your service. Accurately identifying child users without a Highly Effective Age Assurance (HEAA) solution can be difficult.

If your service is likely to be accessed by children, then you must undertake a Child Risk Assessment (CRA), and document and implement measures to mitigate the risks. This process involves additional time and resources.

Highly effective age assurance significantly reduces this burden and ensures compliance with the Online Safety Act age verification requirements.

Why choose OneID® for age verification?

Our bank-based identity verification technology provides:

• Seamless, highly effective age verification for the Online Safety Act, meeting UK government guidelines.
• Privacy-first assurance, so users can prove their age without sharing unnecessary details.
• Efficient and accurate compliance preparing for the Online Safety Act.

By integrating OneID®, you can avoid penalties for not complying with the Online Safety Act, streamline age verification, and create safer spaces online.

Learn how to set up age/user verification for Online Safety Act compliance.

Our webinar, The Online Safety Act – a Dating Sector Case Study on Reducing Onboarding Friction While Meeting Compliance Deadlines – looks to support online businesses to comply with the Online Safety Act. Hear directly from Ofcom – the regulators for the Online Safety Act; Illuminate Tech – regulatory experts; and OneID® -- the solution providers for age verification and age assurance.