Microsoft Bets On Blockchain For Decentralized Identity System

In a blog post, Microsoft detailed its vision for a future in which everyone owns their own digital identity through decentralized blockchain technology. The company believes this technology will make identities more private and secure and give people control of their own identities.

Important Features Of Blockchain Identity

Microsoft said it has learned some important lessons from its decentralized identity incubation projects, which were developed in an effort to empower everyone to own their own digital identity.

According to the company, the blockchain-based identity will allow you to:

1. Own And Control Your Identity

In the current state of affairs of digital identities, users have to grant broad consent to the apps they use. These apps end up collecting as much of their data as possible. That data is then used and retained beyond the users’ control. As if that wasn’t enough of a problem on its own, it gets worse, because many of these companies then suffer data breaches and cyber criminals also get to exploit that information for their own profit.

One of the worst-case scenarios has already happened in the U.S. with the Equifax data breach that exposed the data of over 145 million users. The “users” weren’t actually users at all, as it wasn't up to them whether or not credit reporting companies such as Equifax could collect their data. User data was given to the credit reporting companies through banks, credit card companies, retailers, and so on.

Microsoft believes that decentralized blockchain identities will solve many of these issues, as people will remain in control of their identity and personal data.

2. Support Privacy By Design

Today’s apps depend on controlling your identity in order to provide you with customized services. However, a decentralized system could allow companies to interact with user data while still honoring those people's privacy and allowing them to maintain control over their own data.

3. Trust Is Earned By Individuals

According to Microsoft, a self-owned identity system will add a focus on individual authenticity and how communities can establish trust. In a decentralized system, trust is based on claims that other entities endorse. This helps prove facets of one’s identity.

4. Building Apps With User At The Center

Microsoft noted that some of the most engaging applications and services today are the ones that have access to a user’s Personally Identifiable Information (PII). A decentralized identity system would allow these applications to obtain that information without having to jump through all sorts of compliance and legal hurdles. That’s because the information would remain in the user’s control instead of the entity controlling the information on the user’s behalf.

5. Open Source And Interoperable Technology

A robust decentralized identity system needs to be built using open source, interoperable protocols, technologies, and reference implementations. Microsoft noted that, for the past year, it has been participating in the Decentralized Identity Foundation, which also includes IBM, the Linux Foundation, and multiple blockchain identity companies.

The foundation will be developing the following key components:

Decentralized Identifiers (DIDs) – a W3C spec that defines a common document format for describing the state of a Decentralized Identifier.

Identity Hubs – an encrypted identity datastore that features message/intent relay, attestation handling, and identity-specific compute endpoints.

Universal DID Resolver – a server that resolves DIDs across blockchains.

Verifiable Credentials – a W3C spec that defines a document format for encoding DID-based attestations.

6. Scale Is Critical

Most blockchain projects tend not to scale too well due to their network security requirements (such as using a Proof of Work algorithm, the same algorithm Bitcoin uses). However, over the past years we’ve seen new cryptocurrency projects develop all sorts of innovations to deal with this issue, including building a “Layer 2” protocol that performs transactions outside of the main chain.

Microsoft said that these Layer 2 protocols will be needed to achieve the millions of transactions per second required to enable a global scale for decentralized identities.

7. Easy Access

Microsoft doesn’t think mainstream users will want to deal with having to keep their private keys secure. The company hopes to find a way to make key management challenges, such as recovery, rotation, and secure access, intuitive and foolproof.

Microsoft Authenticator Receives Blockchain Upgrade

The company said that even though its assumptions are solid, the real lessons will be learned by engineering the solutions today. As such, it will soon add support for decentralized identities into Microsoft Authenticator, a two-factor authentication application. Microsoft said that the app will require your consent to store your private key and identity data in an off-chain encrypted hub, which the company said it can’t see. Only the ID will be rooted in the main chain.

Once this integration is complete with the Microsoft Authenticator, services that support the Authenticator will have to request granular consent when they need users’ data.

Microsoft said it will work with its partners to solve this big challenge of developing a working blockchain-based identity system, but it also noted that user feedback will help speed up the development process.

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.