The concept behind verification could have started with social media but awarding a verified checkmark to prove an individual’s identity may soon go broader with Entra.
The launch of the blockchain-based service coincides with the decision by tech companies to abandon traditional password-based login in order to improve security.
With the new Verified ID service, Microsoft aims to enable the creation of digitally verifiable credentials for personal attributes, said Ankur Patel, Microsoft’s principal program manager for digital identity.
Individuals will be able to receive digital credentials as part of a Verified ID that confirms where they work, their schools attended, which bank account they hold — and, perhaps more controversially, if they are in good health according to their physician.
According to Patel, individuals are encouraged to keep these credentials in their digital wallets. They can be quickly shared with whoever needs them, such as when seeking employment or a loan or onboarding at a new business. “I get to give you an affirmation that says I have education, and my doctor gets to tell you if I’m fit, and my bank gets to tell you if I have money,” he explained. “My digital identity is made up of all the things mixed.”
Verified ID, which uses blockchain-based decentralized identification standards to validate credentials, seeks to improve efficiency while lowering the risk of fraud from a business standpoint.
Microsoft Entra Verified ID
On Tuesday, Microsoft officially announced its plans to launch the Microsoft Entra Verified ID service, available to everyone by early August. Entra is the new name for the portfolio products of Microsoft. It also includes its Azure Active Directory authentication service.
Verified ID, according to Patel, will take one to three years to reach the mainstream. Given that “we’re talking paradigm shifts here” in terms of digitizing more of the analog world, he admits that sounds rather quick. “Because it’s built for network effect,” Patel added, “it will go faster than traditional business solutions.”
According to Patel, enterprises will most likely employ Verified ID in conjunction with existing digital and analog verification techniques with a part of their users in the first year. In part, wider adoption will be contingent on ensuring that the program hasn’t “harmed anyone,” he said.
One potential concern, says Patel, is that people may mistakenly communicate critical information with the wrong people through the system. “When you’re presenting these documents in the physical world, you’re careful – you don’t just offer your birth certificate to everyone,” he explained. Microsoft is attempting to reduce the issues with its digital wallets by including measures that defend against accidental exposure.
Microsoft’s Entra Verified ID will be accessible in early August, but widespread use could take three years.
Privacy concerns will need to be addressed within that time frame. Physical documentation has traditionally given more control over what information is presented in a given situation and to whom. Privacy groups are concerned that a single digital hub could unintentionally release sensitive data such as birth certificates.
Microsoft’s development team will have to guard against the unintentional transmission of incorrect data from one source to another. But it isn’t only Microsoft’s responsibility.
Many countries, including Lebanon, Switzerland, and Portugal, are working on digital IDs, and the World Bank is attempting to create a global digital ID framework. Digital ID solutions, whether centralized or decentralized, will require extensive testing and expansions before widespread use.