Consulting / Age Verification & Child-Safety Compliance

Age Verification & Child-Safety Compliance

Age verification stopped being optional. The UK's Children's Code and the EU's Digital Services Act already require you to know roughly how old your users are; Texas and Utah have passed laws that push the check down to the App Store itself. Apple shipped the on-device APIs to answer the question without collecting a single birth date. I wire up the Declared Age Range API, Age Assurance, and Sensitive Content Analysis so your app clears App Review and the regulator's checklist in the same pass.

  • the Declared Age Range API and Age Assurance, so you get an age band from the system instead of building a birthday wall users lie to
  • Sensitive Content Analysis for on-device nudity, gore, and violence filtering that never sends an image off the phone
  • mapping the UK Children's Code, EU DSA, and US state requirements onto the specific iOS work your app has to ship
Recognition
App Store Best New Apps 2026 Product Hunt Product of the Day 2025 CES Best of Innovation 2021 CES Innovation Award 2021 Webby Honoree 2021 Google Material Design 2020
Credentials
Member of British Computer Society 2024 BEng (Hons) 2017 Apple WWDC Scholarship 2015

Tell me what you're working on. I reply within 48 hours.

What clients say

"Vadim was instrumental to the success Epsy enjoyed on iOS, taking it from an idea on a Miro board to the highest rated and most downloaded app of its kind on the store."

James C. · Mobile Engineering Lead, Epsy

"We had a strict deadline, and Vadim managed to complete the job in time. He gave us meaningful feedback and suggested better approaches, not trying to blindly stick to our specification."

Founder · Pre-seed streaming service

"I can say with confidence that it will be difficult to find a better developer. Vadim is achievement-oriented, highly organized, with very good communication skills."

Alex Z. · Co-Founder, eda.so

Related work

Article

Apple's Problem with Bodies

I shipped a wellbeing journal and discovered the App Store still isn't sure whether the human body is health, lifestyle, or sin.

 Silk preview
Silk
Project

Silk

The health metric your phone doesn't track
iOS Security 101-ish
Talk
iOS Security 101-ish
🇨🇿 mDevCamp, 2019

In this talk we will briefly cover all layers of iOS security architecture, delve into secrets of Secure Enclave and discuss the most common mistakes and vulnerabilities to prevent them from happening in the future, as well as have a sneak peek into penetration testing done right.

Common engagements

Pricing

Advisory
£110
per hour

Architecture reviews, hiring help, second opinions on that thing that's been bugging you.

Most popular
Project
£650
per day

Features, MVPs, migrations, firefighting. Minimum 5 days.

Retainer
£4,000
per month

Priority support: review agency code, join architecture calls, catch problems before they ship.

Questions

Do we actually have to do this, or is it scaremongering?

Depends where your users are and what you show them. If you have UK or EU users and any content that is risky for minors, or any users in a US state that has passed an app-store age law, you are already in scope. The penalty side is real: the UK's ICO and EU regulators can fine a percentage of turnover. If you are a global consumer app, assume you are in scope and scope the work, rather than waiting for the email. Working out whether you are exposed at all is the first thing I do, before anyone scopes a line of code.

Won't an age gate wreck our conversion?

A birthday-picker wall will. The current age APIs are far lighter, and handled right most users never see a screen at all. The conversion hit teams fear comes from implementing this the way you would have in 2019; with the APIs Apple shipped this year, it is close to invisible. Getting it that light is the work, and it is what you are hiring for.

How does this work without collecting birth dates? Regulators usually want proof.

That is the point of the new APIs: the age signal comes from the operating system, so your app receives a range and never the date itself. The harder question is which standard each law you are exposed to holds you to. Some accept the system's Age Assurance signal; a few demand hard identity verification through a third-party vendor. Working out which line you are on is the judgment, and it keeps you from over-building for a law that never applied to you or under-building for one that does.

We use a third-party SDK for user content. Does that change anything?

Yes, and usually for the worse. If that SDK uploads images or runs its own analytics, it can pull you out of the on-device privacy story the new APIs give you, and it can break your App Privacy label. I audit the SDK's data flow first, because there is no point gating age on-device if a dependency is shipping the same content to a server you do not control.

How quickly can you start?

Advisory calls can happen within days. For project work, I typically need 1-2 weeks notice to clear the calendar, though I keep some buffer for urgent firefighting. Check the availability badges above for current openings.

Do you work with early-stage startups?

Yes, from pre-seed to Series C and beyond. For very early teams, the advisory tier often makes more sense than project work: you get architecture guidance without committing to a large engagement before you've validated the product.

What's included in the day rate?

Everything: code, architecture decisions, code review, documentation, async Slack availability during working hours. No surprise add-ons. I bill for time spent working on your project, not for "thinking about it in the shower."

We're in a different timezone. Will that slow things down?

I'm currently in Vancouver (PST), with full overlap for North American teams. For UK and Europe, I'm online by their afternoon. For Gulf or APAC, we'd agree on overlap hours and handle the rest async. I've worked with teams from San Francisco to Dubai.

Areas I cover

Declared Age Range APIthe system hands you an age band, but the share, decline, and parental-approval branches each carry their own failure mode. The decline path is the one that quietly breaks apps, and it is rarely the one teams plan for.
Age Assurancethe framework-level signal that you made a reasonable effort to check age. Knowing which of these laws that signal satisfies, and which want more, is the judgment call you are paying for.
Sensitive Content Analysison-device detection of nudity and, as of this year, gore and violence. The tuning between blocking too much and missing what matters is where these features get judged, by users and by reviewers.
Family Controls & parental approvalthe authorisation and parental-approval paths for apps that need a guardian to sign off, and the design traps that get an honest app rejected as surveillance.
App age ratings & metadatathe expanded age-rating questionnaire and Kids category metadata. Answer it wrong and review kicks your build back; answer it right and you never think about it again.
Regulatory mappingUK Children's Code, EU DSA, and the US state acts, turned into a short list of iOS changes with the legal jargon stripped out, so you act on the requirements instead of trying to parse them.
Privacy posturedata minimisation and on-device processing, and an App Privacy label that matches what your code does, because a mismatch there is its own rejection reason.

Where I've worked CV LinkedIn

Drobinin Limited Founder · 2025 - present 12+ apps from idea to App Store. Featured by Apple in EMEA & Americas.
LivaNova (NASDAQ: LIVN) Senior iOS · 2020-2025 Epsy, an epilepsy management app. Shipped inside an FDA-regulated medical-device company. HIPAA, CES Innovation Award.
Sphere (acquired by Twitter/X) Senior iOS · 2017-2020 Early Employee. $30M funding to acquisition.
VK.com iOS Consultant · 2016-2017 Authored & delivered an onsite course on iOS development.
ToBox Lead iOS · 2015-2016 Built team, MVVM architecture, full Swift rewrite.

Facing an age-verification deadline?

Tell me what you're working on. I reply within 48 hours.

work@drobinin.com