Entra Verified ID introduces DIDs and VCs to the Microsoft ecosystem

Microsoft’s new product, Entra Verified ID, introduces Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) to the Microsoft ecosystem. DIDs are a new type of identifier for entities on the Internet that are both decentralized and under the control of the entity itself.

VCs are a digital representation of credentials, such as a driver’s license or passport, that can be verified by third parties. This launch introduces DIDs and VCs to thousands of Microsoft software developers for the first time, enabling them to build identity solutions using this revolutionary technology. This is a step forward for decentralized identity adoption and it sets the stage for a more decentralized future.

This will enable a new audience of developers to use DIDs and VCs for several specific use cases. Decentralized identifiers and verifiable credentials allow users to have more control over their personal data, and provide a more secure way to login to services and share information.

Microsoft has already partnered with a number of biometrics providers on decentralized identity, including Idemia, Onfido, and Clear.

What is decentralized identity?

When talking about decentralized identity solutions, many refer to Decentralized Identifiers and Verifiable Credentials.

Decentralized Identifiers (DIDs) are a new type of identifier that is designed to give users more control over their online identities. DIDs are different from traditional identifiers like email addresses or social media handles in that they are not controlled by a central authority. Instead, each user manages their own DID and can decide how to share it with others. This gives users more control over their personal data and helps to protect their privacy.

Verifiable Credentials (VCs) are a type of digital credential that can be verified by a third party. VCs can be used to prove your identity online, or to verify that you have certain qualifications or credentials. Microsoft’s Entra Verified ID system will use VCs to help verify the identities of users for employee onboarding and access control scenarios.

The protocols of DIDs and VCs are governed by international standards set by the World Wide Web Consortium (W3C). Microsoft was involved in the creation of these standards and is committed to supporting these standards.

In the Entra ecosystem, Issuers publish different types of credentials to the network (which uses the Ion blockchain). These credentials are signed by users and sent to verifiers for validation against the public key stored in the Decentralized Public Key Infrastructure.

Microsoft launched with two main scenarios in mind: onboarding new employees and access controls.

Onboarding employees, partners, and customers

Similar processes are used to onboard new employees and customers, but Microsoft makes clear in a blog post that the workplace changes of “the great reshuffle” are one of the use cases for which it sees an immediate benefit from VCs.

Internal market research showed that onboarding costs and inconvenience are significant pain points for Microsoft customers, while offboarding poses security risks.

The company says Entra Verified ID will streamline both processes.

Access controls

Entra’s product page promises protected access to any app or resource, with “right-size permissions” and access lifecycle management. Entra’s tagline is “secure access for a connected world,” and the company says in another post introducing Entra that access control needs to be secured for “every microservice, sensor, network, device and database.”

This goes not just for granting access to individual customers and consumers, but also for partners, businesses and governmental organizations.

“When we can verify the credentials of an organization in less than a second, we can conduct business-to-business and business-to-customer transactions with greater efficiency and confidence,” Corporate VP of Microsoft Identity Joy Chik and Corporate VP for Security, Compliance, Identity and Management Vasu Jakkal write in the post.

Conclusion

Entra Verified ID will expand the adoption of DIDs and VCs especially for developers in the Microsoft ecosystem.

Entra uses W3C VC standard that allows developers to create, use, and manage decentralized identifiers and verifiable credentials in a Microsoft-centric development environment.

Introducing DIDs and VCs to the Microsoft ecosystem positions developers to take advantage of the growing demand for interoperable digital identity solutions.

Microsoft is one of the largest platforms in the world, and introducing DIDs and VCs to the Microsoft ecosystem will have a huge impact. The launch of Entra unlocks decentralized identity for Microsoft Azure Active Directory (Azure AD) users.

Microsoft Head of Product for Entra Ankur Patel writes that “millions of Azure AD customers (free and premium) can now easily issue, request, and verify credentials to represent proof of employment, education, or any other claim.”

This is a major step forward for Microsoft in terms of privacy and security, and it will be interesting to see how this new product is adopted by users.

About the author

Heather Vescent is a digital identity industry thought leader and futurist with more than a decade of experience delivering strategic intelligence consulting to governments, corporations and entrepreneurs. Vescent’s research has been covered in the New York Times, CNN, American Banker, CNBC, Fox and the Atlantic. She is co-author of the The Secrets of Spies, The Cyber Attack Survival Manual and The Comprehensive Guide to Self Sovereign Identity.

Article Topics

access control  |  data privacy  |  decentralized identifiers (DIDs)  |  digital identity  |  identity management  |  Microsoft  |  Microsoft Entra  |  onboarding  |  verifiable credentials