Identity fraud is a growing problem in the digital era, but so is the lack of any legally verifiable identity at all. Microsoft believes a solution to these and other identity management issues can be found in blockchain and other distributed ledger technologies (DLTs).
Over the past year, Microsoft has been exploring a number of new ways to use digital technology for more secure and private identity management. The company has been working with the Decentralized Identity Foundation, recently joined the ID2020 Alliance as a founding member, and today announced that it will begin experimenting with new identifier formats through its Microsoft Authenticator app.
Based on cryptographic concepts similar to those used for bitcoin and other cryptocurrencies, blockchain systems for identity management are designed to validate and protect digital information and ensure trust through a decentralized community of online users. Microsoft said such technologies could not only protect people against identity fraud and theft, but could also help overcome the “identity gap” that leaves one in six people worldwide, including millions of refugees, without proper documentation that ensures their legal rights.
Needed: ‘A New Model for Digital Identity’
“As many of you experience every day, the world is undergoing a global digital transformation where digital and physical reality are blurring into a single integrated modern way of living,” Ankur Patel, principal program manager for Microsoft’s Identity Division, wrote yesterday in a blog post. “This new world needs a new model for digital identity, one that enhances individual privacy and security across the physical and digital world.”
The incidences of identity fraud reached a new high in 2017, affecting 15.4 million people in the U.S. and causing $16 billion in losses, according to a study released earlier this month by Javelin Strategy & Research. Meanwhile, the ID2020 Alliance estimates that 1.1 billion people worldwide have no officially recognized form of ID, which makes it harder for them to access healthcare, education, and financial services and also makes them more vulnerable to trafficking.
Distributed ledger technologies could enable better ways to control and manage one’s identity privately, securely, and on a global scale, according to Patel. “Rather than grant broad consent to countless apps and services, and have their identity data spread across numerous providers, individuals need a secure encrypted digital hub where they can store their identity data and easily control access to it,” he said.
Self-Owned, Decentralized IDs
Blockchain systems could make possible decentralized IDs (DIDs) that are self-owned rather than being controlled by outside companies or organizations, Patel said. As defined by the World Wide Web Consortium standards organization, DIDs are “fully under the control of the DID subject, independent from any centralized registry, identity provider, or certificate authority.”
In addition to improving identity security and providing IDs for those who currently lack them, decentralized IDs could also help meet the privacy-by-design requirements of new regulations such as the EU’s General Data Protection Regulation, which comes into effect in May.
Patel said Microsoft plans to begin experimenting with DIDs by adding support for them in its Authenticator app.
“With consent, Microsoft Authenticator will be able to act as your User Agent to manage identity data and cryptographic keys,” Patel noted. “In this design, only the ID is rooted on chain. Identity data is stored in an off-chain ID Hub (that Microsoft can’t see) encrypted using these cryptographic keys.”
In an announcement last month about Microsoft joining the ID2020 Alliance, David Treat, managing director and co-head of the global blockchain practice at Accenture, said, “Decentralized, user-controlled digital identity holds the potential to unlock economic opportunity for refugees and others who are disadvantaged, while concurrently improving the lives of those simply trying to navigate cyberspace securely and privately.”
Image credit: iStock/Artist’s Concept.
Read more on: Blockchain
, Data Security
, Customer Data
, Identity Theft
, Next Big Thing
, Technology News