Microsoft on Monday announced a plan to use blockchain technology to develop decentralized identities, or DIDs, supported by Microsoft Authenticator.
Microsoft formally joined the ID2020 Alliance last month as a founding member. The Alliance aims to develop a blockchain-based identity system for vulnerable populations — one that can operate across various blockchains, cloud providers, government agencies and other organizations.
Microsoft’s Authenticator mobile app can verify a user’s identity without the need for passwords. The company hopes to expand Authenticator’s use to confirm the identities of DID users. The identity data is stored in an ID Hub that is encrypted with a cryptographic key.
Microsoft has been working with a consortium of major companies that have come together to develop a set of standards and protocols that would allow various entities to communicate with each other and work interoperably. For example, a group of Swiss financial Institutions, technology firms, investors and other firms last fall got together to form the Multichain Asset Management Association, which is designed to create a new vision for asset management using blockchain.
The proposal is a really interesting one, and it builds on the efforts Microsoft has made with the Decentralized Identity Foundation and the ID2020 initiative, said Mark Nunnikhoven, vice president for cloud security at Trend Micro.
“This is an area where Microsoft has made an impact corporately — where Active Directory is the de facto standard for corporate identity — but has yet to have the success they wanted in the public Internet,” he told the E-Commerce Times.
The World Food Programme has used the ethereum cryptocurrency as a form of identification for Syrian civil war refugees who need food vouchers, creating one of the world’s largest uses of blockchain for digital identification, noted Jessica Groopman, industry analyst at Kaleido Insights.
The Microsoft plan would be one of the few at-scale deployments of blockchain identity in the world, she told the E-Commerce Times, as nearly all of the existing deployments are in proof-of-concept mode.
“In addition, this particular development offers Microsoft a front row seat to cutting-edge privacy and security configurations — both of which are ongoing vulnerabilities and cost centers for Microsoft,” Groopman pointed out.
The project could help Microsoft Authenticator become the foundation of whatever self-sovereign identity hub emerges from this project, she added.
“This looks like a secure and scalable approach,” said Paul Teich, principal analyst at Tirias Research. “However, the ID2020 Alliance has its work cut out for it.”
There are huge challenges involved in this project, he told the E-Commerce Times. For one, it will be difficult to reach the affected populations and then convince them this is not some kind of “new world order” global ID program.
The populations that most need DIDs likely have little to no technology access or experience in creating digital identities, Teich added. Then there is the issue of convincing and enabling local governments to use digital DIDs as trusted identification.
“If these challenges can be solved, even for only one sizable country,” Teich said, “digital ID will be transformative.”