Microsoft urges enterprises to start exploring decentralized digital ID use cases
Microsoft is thinking about decentralized digital IDs, and it would like its customers to do the same.
A marketing piece in Microsoft‘s Security blog makes the case that decentralization is fundamental to delivering on the promise of digital identities for data security, user privacy, and interoperability.
The logic could have been cut and pasted from a client-server deck years ago. That is not to say it is a retread argument. It is, in fact, a tried and tested pitch that many companies and some governments will agree with.
Myriad digital IDs exist today, and that is part of the security problem. Individuals’ IDs are typically scattered and stored in massive databases with differing levels of security and limited interoperability. And they require the owner of the identity to manage it, in contrast with the dependence on businesses to sort out the mess and restore rightful ownership when an account associated with a centralized digital ID is compromised.
Decentralization turns that upside down, enabling a person to verify their ownership of an ID and account with digitally signed credentials. People control access to their biometric and other data. Microsoft illustrates some of the potential advantages of decentralized digital ID with reference to mobile driver’s licenses, and privacy and security-preserving features that can be built into them, like limited disclosure.
The blog notes that standards are not yet finalized, and that is no small issue, but the likely reader of the piece will have little influence on that. Instead, the company nudges readers to think up use cases, giving employee and contractor onboarding and account recovery as examples. The market has to know what it wants and why.