Microsoft develops digital identities


In a Monday blog article, Alex Simons, Director of Program Management at Microsoft, shared his vision for the future of decentralized digital identities. Blockchain technology is meant to help users regain control over their own data.

Microsoft wants to advocate digital identities that not only guarantee more privacy and security, but also put control in the hands of the identity holders. According to Simons, blockchain technology is suitable for enabling decentralized IDs (DIDs). Over the last 12 months, ideas for the use of blockchain and other distributed ledger technologies have been developed. Ankur Patel, Product Manager in Microsoft's Identity Division, presented the results and the resulting principles.

Data processing today vs. digital identity tomorrow

Patel sees a need for digital identity in a modern way of life in which digital and physical reality merge. Such an identity should increase both security and privacy in both realities. It is precisely those people who still live without proof of identity who should benefit from the freedoms that a digital identity card can bring. This also includes control over their own data. At present, that data is distributed among many providers, with users approving its use for apps and other services. By agreeing to their data being collected, used and stored, users lose control over exactly what happens to it. Time and again, headlines about data breaches and identity theft make the front pages of daily newspapers. An encrypted digital hub is meant to prevent this. Users should be able to store their identity data on it and thus control access:

"Each of us needs a digital identity, which we possess, which stores all elements of our digital identity securely and privately. This own identity must be easy to use and give us complete control over the access and use of our identity data."

Microsoft’s DID Development Guidelines

For the development of a decentralized identity (DID), Microsoft has developed guidelines that explain how our data is currently handled. Most importantly, they show what needs to be changed and how to digitize and decentralize identity data.

"Today, apps, services, and organizations provide convenient, predictable, and customized experiences that depend on the control of identity-related data. We need a secure, encrypted digital hub (ID Hubs) that can interact with the user's data while maintaining the user's privacy and control," explains Patel.

Traditional identity systems are primarily focused on authentication and access management. In order to decentralize the data, authentication is to be established via certificates. These credentials are assertions that other entities confirm and that thereby prove aspects of identity. This prevents the transmission of a flood of data and reveals only what is really relevant. In particular, apps that offer features tailored to their users receive only the data that the user wants to pass on.

Patel emphasizes that a stable decentralized identity system that is accessible to all can only be achieved through open source solutions. Microsoft has therefore been participating in the Decentralized Identity Foundation (DIF) for a year. In this context, the participating organizations jointly develop decentralized identifiers (DIDs). Specifically, this is a W3C specification that defines a common document format for describing the state of a decentralized identifier. In addition, the DIF is working on identity hubs and a server to resolve DIDs across blockchains. Furthermore, logon information can be checked via a W3C specification that defines a document format for the encoding of DID-based authentications.

One step at a time
The Microsoft Authenticator App can already be used today to prove your identity. As a next step, Microsoft wants to experiment with decentralized identities. These are to be integrated into the app. The user should then be able to decide whether