In May 2019, Microsoft announced that it is looking to build a Decentralized Identity (DID) network on top of the Bitcoin blockchain. They focus on a new way of providing ownership of personal data, where everyone should have the right to have control over data access and use.
To date, they segment use cases into 3 categories: general public, organizations and developers. Sectors include:
Financial Services: Improve and speed the applicant identification process for establishing a new bank account, loan or payment service account
Commerce: Enable a more personalized and efficient shopping experience online and in stores, regardless of the payment type, device or service provider
Government Services: Simplify interactions with government agencies and services – such as filing taxes, applying for passports or securing support payments (e.g., Social Security)
Digital Services: Streamline and provide easier use of email, social media, movie/music streaming services, and rideshare platforms
Inside Microsoft Identity
Efforts are primarily led by the Microsoft Identity division. Within Microsoft, this team is responsible for building enterprise security solutions, including biometrics for login for Windows Hello and risk-based conditional access for Azure Active Directory.
Relevant announcements have been made by: Peggy Johnson, Alex Simons, Ankur Patel, and Joy Chik.
Additionally, the Microsoft blockchain engineering team has been working since 2018 on key signing and validation software that relies on public networks, like Bitcoin or Ethereum. Currently, verifying your identity online is still dependent on physical or digital proof managed by a central party, whether it’s your passport number, your proof of address, driver’s license, user credentials or other means.
This dependence places a huge burden on individuals, who have to successfully remember hundreds of passwords for various identities and are increasingly being subjected to more complexity in proving their identity and managing their data.
Their efforts are still early, as they have spent the better part of the last year in research mode working with various groups in the space, such as Decentralized Identity Foundation and the W3C Credentials Community Group. They are a member of the Decentralized Identity Foundation (DIF), a working group for the development of DID standards. Microsoft recently released a whitepaper with an overview of the importance of decentralized identity.
With an emphasis on standard, open source technologies, they are collaborating on these key components:
Decentralized Identifiers (DIDs) – a W3C spec that defines a common document format for describing the state of a Decentralized Identifier
Identity Hubs – an encrypted identity datastore that features message/intent relay, attestation handling, and identity-specific compute endpoints.
Universal DID Resolver – a server that resolves DIDs across blockchains
Verifiable Credentials – a W3C spec that defines a document format for encoding DID-based attestations.
As their efforts mature, Microsoft intends to:
Provide detailed specs
Make public code contributions to DID-based technical components, including performance and scale improvements and new tools for DID recovery
Bootstrap a new DID ecosystem by standing up key infrastructure that users and the developer community can depend upon
Partnerships
These efforts include announcing collaboration with other players.
In the summer of 2017, Microsoft explored collaboration with Accenture and Avanade on a prototype on Azure. They announced their intentions by founding ID2020, a global public-private partnership which has a big picture vision of aiding the 1.1 billion people around the world who lack any legal form of identity. Microsoft committed to a donation of $1 million.
In December of 2018, Microsoft announced that it will be working with Mastercard to improve how people manage and use their digital identity. They aim to give people a secure, instant way to verify their digital identity with whomever they want, whenever they want, on devices that people use every day. This indicates a likely concentration on mobile by the team.
“Digital identity is a cornerstone of how people live, work and play every day,” said Joy Chik, corporate vice president, Identity, Microsoft. “We believe people should be in control of their digital identity and data, and we’re thrilled to first work with Mastercard to bring new decentralized identity innovations to life.”
Microsoft is also exploring collaboration with ConsenSys and Transmute to develop a blockchain-agnostic protocol for creating scalable DID networks, called Sidetree. They have announced a preview of ION (Identity Overlay Network), a Sidetree-based DID network, which is focused on issues of scaling. ION lets users obtain control over their own data via the management of their Public Key Infrastructure (PKI). The goal is to deliver the scale necessary for a foundation for DID infrastructure, while preserving the decentralization present in the Bitcoin blockchain.
The digital identity initiative is focused on addressing challenges like:
Identity Inclusion: More than 1 billion people, a majority of them women, children and refugees, are not officially recognized; a digital identity can improve their access to health, financial and social services.
Identity Verification: A single, reusable digital identity can help people interact with a merchant, bank, government agency and countless other digital service providers with greater integrity, lower cost and with less friction.
Fraud Prevention: A single digital identity can help reduce payments fraud and identity theft of various forms.