5.3 Established

Proof of personhood without challenge tests

A human-verification step that issues a privacy-preserving, rate-limited token via device attestation, with an in-person fallback that mints an equivalent time-limited token.

01 Emerging Challenges

As agents defeat the challenge tests that once both blocked bots and rationed access by friction, government has to confirm a real, distinct human at the door without falling back on a method that shuts people out.

The old test fails on both sides: AI has defeated most CAPTCHA types, and the test itself excludes people with disabilities. The W3C's "Inaccessibility of CAPTCHA" working note records that "the very nature of the interactive task inherently excludes many people with disabilities, resulting in a denial of service to these users."

The condition to design for is proportionate proof of personhood: confirming a real human without an identity dragnet and without an accessibility barrier.

02 Assurance

Government needs to confirm that a request comes from a real, distinct human without running an identity dragnet or collecting biometric data, so that bot abuse is curbed while the person keeps their pseudonymity.

03 Access

Device-bound attestation excludes people without compatible devices. Government implementations must provide a non-device-dependent pathway (e.g. in-person identity verification that generates a time-limited token), and never rely on a CAPTCHA modality that denies service to people with disabilities.

04 Response surface
Service design: Considered. The response this pattern proposes:

A silent device-attestation check confirms human presence and issues a privacy-preserving, rate-limited token, with an explicit 'verify in person instead' route, in place of the visual CAPTCHA that denies service to people with disabilities.

No surface has been built yet; the approach above is the brief for one.

05 Maturity
  1. Established (headline)

    For biometric approaches, though these remain contested.

  2. Emerging

    For the cryptographic, privacy-preserving response this pattern proposes — workable today but not yet a settled government practice.

06 Transferability

The transferable principle for government digital services is to verify human presence with a privacy-preserving, rate-limited token rather than a challenge test or a biometric registry. The rate-limited token model (Privacy Pass and related schemes) carries that principle:

  • It does not require biometric data collection.
  • It builds on existing device attestation infrastructure.
  • It can be layered onto existing government identity systems (myGovID, GOV.UK One Login) to provide rate-limited but privacy-preserving access.
  • The IETF (Internet Engineering Task Force) standardization provides an interoperable foundation.

Biometric proof-of-personhood is unlikely to be appropriate for government services in democratic jurisdictions, given regulatory hostility and the surveillance implications.
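To make the rate-limited token model in the list above concrete (and the in-person fallback from sections 03 and 04, which must mint an equivalent token), here is an added toy walkthrough in Python. It is not code from this pattern, from any government deployment, or from a Privacy Pass implementation: it uses textbook RSA blind signatures over a constructed 92-bit modulus rather than the RSA-PSS blind signature (RFC 9474) or VOPRF that RFC 9578 profiles, and the quota, key epoch and attestation ids are assumed values. The point it shows is the separation of roles: the issuer meters tokens per attestation id (a device attestation or an in-person voucher alike) but only ever sees blinded values, and the origin verifies, expires and replay-checks tokens without learning which attestation produced them.

```python
"""Toy Privacy-Pass-style flow: attest -> blind issue -> unlinkable redeem.
Added example, not the pattern's own code; parameters are constructed."""
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key from two Mersenne primes (~92-bit modulus).
# Demonstration only: a real issuer uses 2048-bit+ RSA-PSS blind
# signatures (RFC 9474) or a VOPRF, as profiled by RFC 9578.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))

TOKENS_PER_ATTESTATION = 5       # hypothetical per-attestation quota per key epoch
KEY_VALID_UNTIL = 1_700_000_000  # constructed epoch end (unix seconds); tokens die with the key


def hash_to_n(nonce: bytes) -> int:
    """Map a client-chosen token nonce into Z_N so it can be blind-signed."""
    return int.from_bytes(hashlib.sha256(nonce).digest(), "big") % N


class Issuer:
    """Holds the signing key and meters issuance per attestation id.
    The id is whatever the device-attestation check or the in-person
    counter hands over; both routes receive identical tokens."""

    def __init__(self):
        self.issued = {}        # attestation_id -> tokens granted this epoch
        self.seen_blinded = []  # everything the issuer observes (for the linkability check)

    def issue(self, attestation_id: str, blinded: list[int]) -> list[int]:
        used = self.issued.get(attestation_id, 0)
        if used + len(blinded) > TOKENS_PER_ATTESTATION:
            raise PermissionError("rate limit exceeded for this attestation")
        self.issued[attestation_id] = used + len(blinded)
        self.seen_blinded.extend(blinded)
        # Blind signature: (m * r^E)^D = m^D * r (mod N); the issuer never learns m
        return [pow(b, D, N) for b in blinded]


class Client:
    """Blinds fresh nonces, has them signed, and unblinds the results."""

    @staticmethod
    def request_tokens(issuer: Issuer, attestation_id: str, count: int) -> list[tuple[bytes, int]]:
        nonces, blinds, blinded = [], [], []
        for _ in range(count):
            nonce = secrets.token_bytes(32)
            r = secrets.randbelow(N - 2) + 2
            while gcd(r, N) != 1:            # blinding factor must be invertible mod N
                r = secrets.randbelow(N - 2) + 2
            nonces.append(nonce)
            blinds.append(r)
            blinded.append(hash_to_n(nonce) * pow(r, E, N) % N)
        blind_sigs = issuer.issue(attestation_id, blinded)
        # Unblind: (m^D * r) * r^-1 = m^D, an ordinary RSA signature on m
        return [(n_, s * pow(r, -1, N) % N) for n_, r, s in zip(nonces, blinds, blind_sigs)]


class Origin:
    """The service front door: checks signature, key epoch and replay."""

    def __init__(self):
        self.spent = set()

    def redeem(self, token: tuple[bytes, int], now: int) -> bool:
        nonce, sig = token
        if now > KEY_VALID_UNTIL:
            return False                     # key epoch over: token expired
        if pow(sig, E, N) != hash_to_n(nonce):
            return False                     # not signed by the trusted issuer
        if nonce in self.spent:
            return False                     # replayed token
        self.spent.add(nonce)
        return True


def run_demo() -> dict:
    """Exercise the flow and return the outcomes a reviewer would check."""
    issuer, origin = Issuer(), Origin()
    now = KEY_VALID_UNTIL - 3600
    device_tokens = Client.request_tokens(issuer, "device-attest-abc", 3)     # hypothetical id
    counter_tokens = Client.request_tokens(issuer, "in-person-voucher-001", 2)  # hypothetical id
    first = device_tokens[0]
    forged = (first[0], (first[1] + 1) % N)
    try:
        Client.request_tokens(issuer, "device-attest-abc", 3)   # 3 already used + 3 > quota of 5
        over_quota_rejected = False
    except PermissionError:
        over_quota_rejected = True
    return {
        "device_token_ok": origin.redeem(first, now),
        "replay_rejected": not origin.redeem(first, now),
        "forgery_rejected": not origin.redeem(forged, now),
        "in_person_token_ok": origin.redeem(counter_tokens[0], now),
        "expired_rejected": not origin.redeem(counter_tokens[1], KEY_VALID_UNTIL + 1),
        "over_quota_rejected": over_quota_rejected,
        # The issuer saw only blinded values: neither a nonce hash nor a final signature
        "issuer_cannot_link": all(
            hash_to_n(t[0]) not in issuer.seen_blinded and t[1] not in issuer.seen_blinded
            for t in device_tokens + counter_tokens
        ),
    }
```

Running `run_demo()` returns every check as `True`. The design choice worth noticing is that expiry is enforced by key epoch rather than by a per-token timestamp: the issuer cannot stamp a date into a value it never sees, so "time-limited" means the issuing key is rotated and the origin rejects tokens under a retired key, which is also how the in-person route's token ends up equivalent to the device-attested one.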

07 Where things go wrong

This is an access-gating pattern; the failure to avoid is an automated personhood check silently excluding people who cannot pass it. A mandatory non-device fallback is the safeguard against that exclusion.

08 Sources
8 references: W3C · Global · Kenya · Spain · IETF · NZ
Primary frameworks
  • W3C — Inaccessibility of CAPTCHA (W3C, 2021, w3.org)

    W3C Group Draft Note (16 December 2021): the interactive task 'inherently excludes many people with disabilities, resulting in a denial of service.'

  • Spain AEPD — Worldcoin precautionary measure (Spain, 2024, aepd.es)

    6 March 2024: ordered Tools for Humanity to cease collecting and processing personal data in Spain and block data already collected.

  • Privacy Pass (RFC 9578 / RFC 9577) (IETF, 2024, rfc-editor.org)

    IETF-standardized issuance protocol behind device-attested, privacy-preserving tokens (Cloudflare, Apple, Google, Fastly).

  • New Zealand Government — CAPTCHA and accessibility (NZ, 2025, digital.govt.nz)

    Government guidance to avoid CAPTCHAs where possible and use accessible alternatives.

Evidence & reporting
  • World ID / Worldcoin (Global, 2025, world.org)

    Operator's description: iris images via the Orb prove unique humanness; zero-knowledge proofs reveal only a valid World ID, not identity.

  • Vitalik Buterin — biometric proof of personhood (2023, vitalik.eth.limo)

    Argues one-person-one-ID erodes online pseudonymity and can be defeated by fakes that fool the Orb or by coerced scans.

  • Kenya High Court — Worldcoin biometric data ruling (Kenya, 2025, cipit.strathmore.edu)

    5 May 2025: collection of biometric data found unlawful; deletion ordered within seven days.

  • IETF — Rate-Limited Token Issuance Protocol (draft) (IETF, 2024, datatracker.ietf.org)

    April 2024 Internet-Draft specifying per-origin rate-limited tokens; has since expired.