/identity

News and resources on digital identity, trust, biometrics and Secure Customer Authentication.
Microsoft bids to overhaul ID verification

Microsoft bids to overhaul ID verification

Microsoft has taken a major step in its efforts to create an identity verification system that can be used across organisations.

Now in public preview, Azure Active Directory (Azure AD) verifiable credentials offers an open standards-based approach to organisations re-using verified information about a person.

Azure AD is based on the Decentralized Identifiers (DID) core specification, which Microsoft says is "very close" to joining Verifiable Credentials as a ratified standard.

Firms can design and issue verifiable credentials to represent proof of claims - such as about employment or education. Then, the holder of the credential can decide when, and with whom, to share it. Each credential is signed using cryptographic keys associated with the DID that the user owns and controls.

Microsoft is working with a host of ID verification firms - including Jumio, Onfido and Socure - to use the technology to make it possible to verify an identity once and present it to anyone.

Azure AD customers can use the system to validate official documents and electronic records across 192 countries to verify identities.

Microsoft says this will benefit both organisations and individuals when it comes to highly-regulated interactions, enabling people to quickly start a job, apply for a loan, or access secure apps and services—without having to repeatedly share their sensitive information.

Comments: (7)

Andrew Smith
Andrew Smith - RTGS & ClearBank - London 08 April, 2021, 10:391 like 1 like

Its agreat shame that Microsoft hasnt followed the SSI prinicples regarding its inplementation, if it had, then privacy would have been key. In addition, the centralised nature of AD also causes issues - but if its a way of using verifiable credentials and link them back to your more traditional AD approach - then that is a good thing...Its all dependent on the real world usecase.

Andrew Smith
Andrew Smith - RTGS & ClearBank - London 08 April, 2021, 11:29Be the first to give this comment the thumbs up 0 likes

I should have added, the issue of identitiy needs to be a cautionary one. We cannot afford to get "identity" infrastructure wrong, there is too much at stake.

 

Digital identity, cautionary facts – FinTechAndrew – The blog (wordpress.com)

Rajan Chadha
Rajan Chadha - IBN - London 08 April, 2021, 13:471 like 1 like

The issue of identity managment is a very sensitive issue and I agree with Andrew Smith's comments above. Additionally, I may add that if there is no connectivity neither AD nor RTGS will work. The other issue is delay ( latency) and security, as the information flows it can be compromised as we move from server to server before it reaches you. To address, the above we invented next generation connectivity whereby RTGS happens even when no internet in a secure manner in real time . I think with further development a solution could be developed that unquestionably link a transaction to an individual (or organisations) uniformally and to systems in real time, ofcourse even when no internet.

Andrew Smith
Andrew Smith - RTGS & ClearBank - London 08 April, 2021, 14:49Be the first to give this comment the thumbs up 0 likes

@Rajan, we are working on just that ;)

Rajan Chadha
Rajan Chadha - IBN - London 08 April, 2021, 19:41Be the first to give this comment the thumbs up 0 likes

privilage to collaborate ☼

Philip Andreae
Philip Andreae - PA&A - Sea Island, Ga 08 April, 2021, 22:271 like 1 like

As a lay person with some knowledge of the questions, one wonders how we will develop a model where each of my claims (read attributes) can be trusted by a myriad of parties.  My claims will include graduation from University, Birth, marriage(s), divorce(s), Vaccination(s), certificate(s) of complaince to a defined work capability, business permit(s), employment(s) and the list goes on.  Without agreement on the schema associated with the multiple claims I wish to have trusted, how all of this will work is open to discussion. 

One then thinks about the work of ISO on 80013, 8583, 20022, 781z, and ... then add ICAO on the electronic passport, AAMVA on the Mobile drivers license and all sorts of relationship, membership  andtransactions types like airline tickets, theater tickets, bus passes.

What am I missing I am sure the list is enormous.

 

Janne Jutila
Janne Jutila - Internos Partners - Espoo, Finland 09 April, 2021, 05:58Be the first to give this comment the thumbs up 0 likes

In response to Philip A. - the list of digital identity use-cases is in fact endless. Over time next to all transactions will be digital even when happening f2f. The solution is to separate the transaction authorization with strong authentication based on verified identity from the transaction processing. This is already happening in e.g. payments with 3DS 2.0. With separation, the transaction processing complexity is an use-case & industry specific issue.

Trending