It might give momentum to age-verification schemes like Apple Wallet [0]. Apple gets the state ID in wallet and exposes an age verification API to apps like Discord; Discord queries the API and relies on Apple's age verification without ever getting access to the personally-identifying information.
[0] https://medium.com/@drewsmith_6943/apple-wallet-id-is-the-so...
Maybe not wallets but regular "sign in with X" SSO.
If all the X's can agree that one of the claims in the SSO is "is_adult", then at least you limit the exposure of your government ID to X getting breached, while all the "sign in with X" sites won't have access to the ID itself, just the claim.
Of course, pretty much every X gets breached anyway, and the walled garden shenanigans are not attractive, but it's better than ever site getting your ID.
That's why Apple's Wallet might be better: it depends on device-level security including elements stored on-device that Apple does not have and without which Apple cannot decrypt the information. There is obviously some sort of syncing between devices, but each device is authorized separately, and apparently Apple cannot view the Wallet data on its servers. Yes, it's a walled garden, but I trust Apple more than Facebook, Google, or X.
This makes me hate the Twitter rebrand even more. I'm reading your use of "X" as generic name to be filled in as needed vs the poorly rebranded Musk owned platform. Then again, I could see that platform actually promoting its services to do this very thing.
Oof, I didn't even think about x/twitter... that was a poor choice of variable name! I shall try to eXcrete smarter in the future.
it's time to bring back metasyntactic variables
https://en.wiktionary.org/wiki/foo
as a fan of Mr. Robot, I like to use evilCorp to be replaced by which ever one is being discussed.