Microsoft has announced that it is creating a robust decentralized identity ecosystem in collaboration with Decentralized Identity Foundation (DIF), an open source, non-profit organization, which has no intention to issue tokens. The tech giant will be creating the decentralized identity solutions based on open source code and standards developed by DIF, W3C, and the OSS community.
Notably, in January 2018, Microsoft donated $1 million to ID2020, a public-private partnership dedicated to solving the challenges of identity through technology. Accenture, The Rockefeller Foundation and Microsoft supports ID2020. While providing the grant, Microsoft announced its intention to develop an open source, self-sovereign, block chain-based identity system for people, products, apps, and services that interoperates across block chains, clouds, and orgs.
Decentralized Identity Foundation (DIF):
Prior to the formation of the Decentralized Identity Foundation in May 2017, the market for decentralized identity was fragmented. Organizations who are involved in developing solutions in the identity space lacked the fundamental primitives, protocols, and tools necessary to create an interoperable ecosystem. DIF created the necessary ecosystem by bringing in enterprises who share a similar vision. IBM, Hyperledger, and IOTA are among the companies involved in the project, in addition to Microsoft.
Microsoft’s plan for decentralized identity ecosystem:
According to Ankur Patel from Microsoft’s Identity Division, with active participation in the DIF, Microsoft is collaboratively developing the following key components.
• Decentralized Identifiers (DIDs) – a W3C spec that defines a common document format for describing the state of a Decentralized Identifier
• Identity Hubs – an encrypted identity datastore that features message/intent relay, attestation handling, and identity-specific compute endpoints.
• Universal DID Resolver – a server that resolves DIDs across blockchains.
• Verifiable Credentials – a W3C spec that defines a document format for encoding DID-based attestations.
How Microsoft Plans to Use Public (Bitcoin, Ethereum, etc.,) Block Chains:
According to Ankur Patel, public block chains (Bitcoin [BTC], Ethereum, Litecoin, to name a select few) provide a solid foundation for rooting DIDs, recording DPKI operations, and anchoring attestations. However, all of them cannot process millions of transactions per second. To overcome scalability issues, Microsoft is working on a decentralized Layer 2 protocols that run atop these public blockchains to achieve global scale, while preserving the attributes of a world class DID system.
The Microsoft Authenticator app is already used by millions of people to prove their identity every day. As a next step the company will experiment with Decentralized Identities by adding support for them into to Microsoft Authenticator. With consent, Microsoft Authenticator will be able to act as te User Agent to manage identity data and cryptographic keys. In this design, only the ID is rooted on chain. Identity data is stored in an off-chain ID Hub (that Microsoft can’t see) encrypted using these cryptographic keys.
Once Microsoft adds the capability, apps and services will be able to interact with user’s data using a common messaging conduit by requesting granular consent. Initially, Microsoft will support a select group of DID implementations across block chains and likely add more in the future.