Microsoft releases five guidelines for distributed identity

Microsoft has announced that it is developing a new distributed identity technology based on a simple vision.

https://www.microsoft.com/security/blog/2021/10/06/microsofts-5-guiding-principles-for-decentralized-identities/

  • Work with the decentralized identity community to complete a set of high quality open standards that we can all support.
  • In parallel with these evolving standards, we will launch the first public offering of distributed identity services.

Microsoft is in the next phase of planning and has two initiatives in the works.

In April 2021, we will launch a public preview of our new distributed identity system, Microsoft Azure Active Directory Verifiable Credentials, which will minimize data processing and allow users to have significant control over the specific identity data they share and how it is used. By giving users significant control, we are expanding the opportunity to build a distributed identity system that increases customer trust and adoption.

Five guiding principles

In this new phase, we want to share a set of guiding principles for both efforts. We believe that all of the principles are necessary over time to realize the promise of distributed identity.

The five basic principles of decentralized identity are as follows.

  1. Secure, Trustworthy, and Credible
    My digital identity must be secure. It must not be easy to forge or hack. No one should be able to impersonate the user.
    You must always have a way to access, use, and securely recover your digital identity.
    You must have access to a detailed log of all the times you have used your digital identity, who you have used it with, and what you have used it for.
  2. Privacy and self control
    Digital identity is under the control of the user. The user also needs to know who uses it and how it is used.
    The user must be able to see which elements of his or her digital identity are being requested, and must have the option to disclose only the specific information necessary to support the agreed-upon use.
    A user’s use of a digital identity must be private. No one, other than the person with whom you have explicitly shared it, should know that you are using a digital identity without your consent.
    My digital identity should not be used to track me across unrelated services or applications without my consent.
    I must be able to switch freely between devices and applications of my choice to manage my digital identity, and must never be locked in.
    You must be able to delete all aspects of your digital identity, as well as any associated data and log files, from wherever you choose to store them.
  3. Inclusive, Fair, and Easy to Use
    Digital identities must be available, usable, and accessible regardless of race, ethnicity, ability, gender, gender identity, sexual orientation, national origin, socioeconomic status, or political affiliation.
    Digital identities should be easy to use, use principles of universal design, and be useful to people of different abilities.
  4. Supervisable
    A user must be able to designate a trusted friend or family member who can access their digital identity if needed, should the user be disenfranchised or die.
    If the user is a child, their digital identity must support appropriate oversight and management by a parent or custodian.
  5. Environmental Responsibility
    The creation and use of digital identities must be environmentally sustainable and not cause long-term environmental damage.

Microsoft’s Commitment to the New Digital Identity System

As we build and operate this new system, we are also making additional commitments that we believe are critically important.
