Depends entirely on how it’s implemented, because the website doesn’t need to know who you are, only verify that you are over 18. Which can be done reasonably securely - you generate a random ID on a secure service, give that ID to the website, and the only communication between the two of them is “Is id 123 valid and an adult? Yes/No”.
Now, if that “secure service”, most likely a government contract done as cheaply as possible turns out not to be, and they keep logs linking those IDs to the URLs requesting verification, then the entire thing goes belly up.
BlameTheAntifa@lemmy.world 7 hours ago
So your bank now knows you accessed certain websites. And you are okay with that?
JohnEdwa@sopuli.xyz 7 hours ago
Was an example of the security, not who is running the service. But I mean, guess who knows if you pay for OnlyFans or stuff like that?
Your bank.
echodot@feddit.uk 1 hour ago
The bank doesn’t know what people pay for, or who it goes to, they just know what account you paid into. They would have to go through and verify who owns the account and that’s not an automatic process. Finding out the actual person or company behind an account requires effort, so unless there’s some investigation that involves that bank account, they won’t have that information.