DENVER — Microsoft demonstrated an open, standards-based self sovereign identity package Wednesday at the Identiverse conference and called for the audience of identity pros to join their consortium.
"This is possible because almost every company [in the demo] used the same set of open standards," Kristina Yasuda, senior identity standards architect for Microsoft said, soon adding: "This is the power of standards."
Identiverse is a conference held by SC Media's parent company, the Cyber Risk Alliance.
Self sovereign identity (SSI) is a decentralized system to replace the ecosystem of identity that currently exists — the one where the system authenticating a user of a commercial website is separate from their driver's license or office door codes.
The idea is not new. In 2014, Obama administration cyber adviser Howard Schmidt speculated about a time "a student could get a digital credential from her cell phone provider and another one from her university and use either of them to log-in to her bank, her e-mail, her social networking site, and so on, all without having to remember dozens of passwords."
At the demonstration, Microsoft corporate vice president of program management pitched decentralized identity as a solution to a bevy of problems. Technologically, he said, it will allow for the rapid move towards infusing identity into all internet-connected things, each potentially working in complex networks requiring frequent authentication.
But he also believed that decentralized identity, with its ability to take the storage of data used for identity out of the hands of enterprises, could address several of the problems the current system leaves unaddressed. Allowing groups like Facebook and Google to authenticate users provides them data they can use for surveillance capitalism, personal data not stored in a central location cannot be stolen in bulk, and SSI could be flexible enough to adapt to a range of geopolitical needs.
"I think of the current era as the identity of identity as a control point, where you have centralized control systems, that entering that era that identity trust traffic was distributed, interconnected and highly intelligent. That's where I think the next five to 10 years of really interesting innovation and work for all of us across the industry are," he said.
SSI has detractors within the identity space. At Identiverse Tuesday, Stephen Wilson, founder of Lockstep Consulting, presented his theories why a single system to replace a complex environment hasn't caught on since Schmidt's prediction. Schmidt, he noted, believed the marketplace would create solutions. But the marketplace has not provided them yet.
"I've got a very good accountant, but I don't like her to do my root canal," he said.