A security consultant has‘European Union age verification app hacked’ to analyze and test its operation, as well as Reveal your weak points.
The European Commission presented this Wednesday the new application to verify the age of users who access social networks and thus verify that the platforms respect the access limits for minors.
Without knowing the technical details of this application, security consultant Paul Moore has decided to test the security it offers and after his analysis, he assures that he has managed to hack it “in less than two minutes.”
This is what he shares in a publication on the X network, where he explains and shows with a video the privacy problem he identified. First, the application asks for a four- to six-digit PIN to access it later. That PIN is encrypted and saved in a file.
Hacking the #EU #AgeVerification app in under 2 minutes.
During setup, the app asks you to create a PIN. After entry, the app *encrypts* it and saves it in the shared_prefs directory.
1. It shouldn’t be encrypted at all – that’s a really poor design.
2. It’s not… https://t.co/z39qBdclC2 pic.twitter.com/FGRvWtWzaZ— Paul Moore – Security Consultant (@Paul_Reviews) April 16, 2026
Moore has indicated that the PIN should not be encrypted, since it is a “really poor design”and furthermore, is not cryptographically linked to the repository containing the identity data.
Subsequently, the consultant has been able to prove how You can delete the encryption PIN from the application file and enter the previously configured profile. “An attacker can simply remove the PinEnc/PinIV values from the shared_prefs file and restart the app,” he noted.
Once a different PIN has been chosen, the application presents the credentials created in the previous profile, allowing the attacker to show them as legitimate.
Besides, identified problems in other parameters within the application, such as ‘rate limiting’ or ‘UseBiometricAuth’. The latter is presented as a ‘boolean’ variable that can be omitted.
Beyond showing the weaknesses of the application, Moore has sent a warning to the president of the European Commission, Ursula von der Leyen: “This product will end up causing a big gap at some point. It is only a matter of time.”
Nevertheless, the application tested by Moore is not the definitive onesince von der Leyen noted that it will be ready “very soon”, without offering a clear schedule. However, the app is currently in a pilot program for France, Denmark, Greece, Italy, Spain and Ireland.
https://www.posersoftware.com/users/nabiga5362
https://www.shippingexplorer.net/en/user/nabiga5362/273345
https://lawschoolnumbers.com/nabiga53
https://www.extra-life.org/participants/568559
https://www.halaltrip.com/user/profile/335661/nabiga/
https://allods.my.games/forum/index.php?page=User&userID=240252
https://wemixplay.com/community/YMIR/12/562
https://codeberg.org/nabiga5362
https://thangs.com/designer/nabiga5362
https://talk.plesk.com/members/nabiga5362.499410/
https://3dwarehouse.sketchup.com/user/c3f62668-182d-4d04-9f49-c070f492a96a
https://findaspring.org/members/nabiga5362/
https://writexo.com/share/7f4959f21325
https://meadd.com/bitoh91245
https://lawschoolnumbers.com/bitoh91245
https://devpost.com/paleftina601
https://www.bandlab.com/user9112475766612056
https://coderwall.com/%D0%90%D0%BB%D0%B5%D1%84%D1%82%D0%B8%D0%BD%D0%B0%20%D0%9F%D0%B5%D1%82%D1%80%D0%BE%D0%B2%D0%B0
https://wakelet.com/@AleftinaPetrova80319
https://www.zubersoft.com/mobilesheets/forum/user-131903.html
https://network.crcna.org/user/215650
https://www.magcloud.com/user/benbemer94