Why wouldn't something based on unlinkable blind signatures work? Basically site issues a token to user, user gets token unlinkably blindly signed by some recognized age verification entity (government agency, bank) that already has their personal information, user returns signed token to site, site verifies it was signed by the recognized age verification entity.