Microsoft said on Monday, February 13, that it plans to use blockchain technology to give you more control over your digital identity. Alex Simons, director of program management at Microsoft’s Identity Division, says the company invested in incubating a set of ideas relying on blockchain technology over the last 12 months. Monday’s update will be the first of many regarding how Microsoft plans to use that technology to create decentralized identities (DIDs).
The word “blockchain” is typically associated with cryptocurrency platforms. In its basic form, a blockchain contains a network of data blocks protected through cryptography. This data doesn’t reside within a central location, nor is it managed by one specific entity. Instead, these data blocks are “chained” between participating PCs scattered across the globe. This data cannot be altered or hacked because all blocks have a cryptographic hash of the previous block along with their transaction data and a timestamp.
In a sense, a blockchain is an open, digital ledger that records all transactions, but is not maintained by one party. That is the problem with most if not all internet-connected services: your information and transactions are stored on servers, which can be infiltrated by hackers looking for juicy personal data. Even more, all data written to any given block cannot be altered unless the previous blocks are altered, too.
While a blockchain is essential for decentralized transaction recording, it’s also great for storing your personal information. According to Microsoft, a blockchain would eliminate the need to provide “broad consent” to “countless apps and services.” Your identity wouldn’t be duplicated and spread out across multiple providers such as Twitter, Facebook, Instagram, Google Play, Amazon, and so on.
“Today, apps, services, and organizations deliver convenient, predictable, tailored experiences that depend on control of identity-bound data. We need a secure encrypted digital hub (ID hubs) that can interact with user’s data while honoring user privacy and control,” adds Ankur Patel from Microsoft’s Identity Division.
Of course, this isn’t a platform Microsoft can tackle alone. It’s working with individuals and organizations through the Decentralized Identify Foundation to create an ecosystem that supports decentralized identities. There are four basic components in this initiative: A W3C-based specification that defines a Decentralized Identifier, an encrypted identity datastore, a server that revolves DIDs across blockchains, and another W3C-based spec called Verified Credentials.
The big goal is to make this blockchain foundation scalable. It needs to expand as devices, organizations, users, and even new technology jumps into the mix without hitting a threshold. Patel says that several blockchain communities will increase block sizes to increase capacity, but this method not only degrades decentralization but cannot handle the transaction of a world-scale platform.
That said, the “transactions” aspect doesn’t necessarily mean purchases between entities. The company is likely referring to transactions between your data and services accessing that data. There is a permanent record of what those apps and services use. How you will be able to control those transactions remains to be seen.
Microsoft will begin experimenting with blockchains using Authenticator as its test subject.