Alex Simons, director of program management at Microsoft’s Identity Division, says the company invested in incubating a set of ideas relying on blockchain technology over the last 12 months. Monday’s update will be the first of many regarding how Microsoft plans to use that technology to create decentralized identities (DIDs).
"Over the last 12 months we've invested in incubating a set of ideas for using Blockchain (and other distributed ledger technologies) to create new types of digital identities, identities designed from the ground up to enhance personal privacy, security and control."
Microsoft's identity ambitions, he wrote, now centre on user-controlled-and-owned Decentralized ID schemes so that a single data breach can't give crooks the keys to your kingdom.
"This new world needs a new model for digital identity, one that enhances individual privacy and security across the physical and digital world," Ankur Patel, a principal product manager with Microsoft's Identity Division, wrote in a blog post. "Rather than grant broad consent to countless apps and services, and have their identity data spread across numerous providers, individuals need a secure encrypted digital hub where they can store their identity data and easily control access to it."
But like so many others considering blockchain, Microsoft has hit upon scaling problems.
"While some blockchain communities have increased on-chain transaction capacity (e.g. blocksize increases), this approach generally degrades the decentralized state of the network and cannot reach the millions of transactions per second the system would generate at world-scale," Simons wrote. "To overcome these technical barriers, we are collaborating on decentralized Layer 2 protocols that run atop these public blockchains to achieve global scale, while preserving the attributes of a world class DID system."
Microsoft hasn't detailed what that work will entail, but has said that its Authenticator app will soon support Decentralized Identities.
"With consent, Microsoft Authenticator will be able to act as your User Agent to manage identity data and cryptographic keys. In this design, only the ID is rooted on chain. Identity data is stored in an off-chain ID Hub (that Microsoft can't see) encrypted using these cryptographic keys," Simons wrote.
Simons didn't offer a timeline for Microsoft's contributions, but we imagine they will be eagerly awaited, given that blockchain transaction times have already seen prominent vendors - Microsoft included - bail on offering pay-by-bitcoin in their online stores.