🎉 Use coupon MYXERO to enjoy 20% recurring discount on any plan. View Pricing
XeroWP
Borderage Core

Borderage Core

0/5 (0 ratings) — active installs Updated Mar 18, 2026
adult contentage gateage verificationcompliancehand gesture
Download v0.1.0

Borderage Core protects your WordPress site by requiring age verification for visitors. Unlike traditional ID-based systems, BorderAge uses hand gesture recognition – no selfie, no ID document required.

Features:

  • Protect entire site or specific pages
  • Hand gesture verification (no facial recognition)
  • Visitor account system for returning users
  • Unified login form (WordPress account first, then visitor account fallback)
  • Credit alert system – Automatic email notifications when credits run low
  • Rate limiting – Prevent brute force verification attempts
  • Login brute-force protection – Rate limiting on account login attempts
  • Health logging system – 24-hour internal monitoring with export
  • Statistics dashboard – View verification metrics (total, adults, minors)
  • Customizable verification page styling
  • Multi-language support (EN, FR, DE, ES)
  • Developer tools – Testing utilities and data reset
  • Debug mode with logging and export functionality

Requirements:

  • BorderAge API credentials (site_id and site_secret_key)
  • Credits for new verifications (existing verified users can still access)
  • Pretty permalinks enabled in WordPress Settings

For more information, visit borderage.com or contact us at [email protected]

Admin Pages

Borderage Core provides 8 configuration tabs accessible via BorderAge in the WordPress admin menu:

Tab
Description
Purpose

Configuration
API credentials and basic settings
Enter your site_id, secret_key, enable/disable plugin, set debug mode

Protection
Protection mode and protected pages
Choose to protect all pages or specific pages, configure rate limiting

Appearance
Form styling customization
Customize verification page colors, button styles, and layout

Statistics
Verification metrics dashboard
View total verifications, adult/minor breakdown, monthly statistics

Guide
User documentation
Complete usage guide and setup instructions

Developers
API documentation
Technical reference for developers integrating with BorderAge

Debug
Health logs viewer
View system health logs, export debug information

Dev Tools
Testing utilities
Reset visitor data, clear logs, testing functions (debug mode only)

Navigation: Click on the “Borderage” menu item in WordPress admin to access all tabs. Each tab provides a specific set of configuration options and tools.

External Services

This plugin connects to the BorderAge API at pool.borderage.com for age verification services.

When data is transmitted

  1. During age verification – When a visitor clicks “Verify now”
  2. Credit balance check – When admin pages load to display remaining credits
  3. Statistics retrieval – When the Statistics dashboard loads to display verification metrics
  4. Health logging – Internal monitoring events (not transmitted to external API)

Data transmitted

Data
Description
Purpose

site_id
Your site identifier
Identify your site

user_id
SHA256 hashed visitor ID
Pseudonymized visitor tracking

age
Age threshold
Verification requirement

hash
Security signature
Request validation

is_over_age
Boolean (true/false)
Age verification result

result_hash
Callback validation hash
Verify callback authenticity

reference_id
Attempt reference for rate limiting
Track verification attempts

Hash Generation:

  • Credits check: hash('sha256', timestamp . site_id . secret_key)
  • Callback verification: hash('sha1', result . user_id . age . secret_key)

Privacy note: This plugin and the BorderAge API store only pseudonymized data: a hashed visitor ID and a boolean indicating whether the age threshold was met. Zero Personally Identifiable Information (PII) is stored or transmitted – no names, emails. Unlike competitors, BorderAge uses no biometric fingerprinting, no selfies, and no ID documents. This eliminates any risk of personal data leaks, as such data simply doesn’t exist in our system.

For more details about BorderAge’s technology and privacy-first approach, visit https://borderage.com/technology/

Service links

Terms of Service: BorderAge’s Terms of Use are negotiated individually between each client and Needemand (creator of the BorderAge SaaS). Contracts are established on a case-by-case basis rather than using a generic public ToS. Please contact BorderAge to discuss your specific terms.

Privacy Policy

Data processed by this plugin:

  1. Visitor verification status – Stored in browser cookies to remember verified visitors (expires after 24 hours)
  2. Visitor accounts – Optional accounts for returning visitors (email, hashed password)
  3. Verification logs – Records of verification callbacks for debugging (24-hour retention)
  4. Health logs – Internal system monitoring logs (24-hour retention, JSON format)

Data sent to the external BorderAge API:

Only pseudonymized data is transmitted and stored: a hashed visitor ID (SHA256) and a boolean indicating whether the age verification was successful (is_over_age: true/false). Additional metadata includes site_id, age threshold, and security hashes for validation.

What makes BorderAge different:

  • Zero PII storage – Neither this plugin nor the BorderAge API store any Personally Identifiable Information
  • No biometric fingerprint – No biometric data is collected, stored, or transmitted
  • No data leak risk – Impossible to leak personal data that doesn’t exist
  • Privacy by design – Hand gesture verification without selfies, ID documents, or facial recognition
  • Rate limiting protection – Prevents brute force verification attempts
  • Automatic cleanup – Verification tokens and logs expire after 24 hours

For complete privacy information, see the BorderAge Privacy Policy.