Microsoft's latest service could finally give you back control of your personal data


Microsoft has unveiled a new identity theft protection tool aimed at helping keep Azure user data safe and secure online.

Entra Verified ID helps Azure AD customers confirm people’s personal and professional claims, allowing users to issue, request, and verify credentials that represent proof of employment, education, or similar. 

In a blog post announcing the launch, Microsoft’s Growth for Identity Security Lead, Ankur Patel, noted that both free and paid Azure AD customers can design and issue verifiable credentials, and also choose when, and with whom, to share them.

Control over access

Each credential is signed with cryptographic keys that only the user owns and controls. These credentials will remain valid even if the issuing institution no longer exists, Patel states. Furthermore, these credentials are standards-based, making it easy for developers to integrate them in their products. Apps can request and verify the credentials through APIs, which are part of the service. 

To manage and present these credentials, customers can use Microsoft Authenticator, Patel further said. That gives them control over who can access the credentials, even in scenarios when they’re issued by an organization. “We will be adding capabilities like selective disclosure, derived claims (e.g. proof of age instead of birth date) and measures preventing correlation,” he said. 

They are also interoperable, meaning anyone can build compatible digital wallets. This functionality was developed jointly by Microsoft and its partners IBM, Workday, Ping, and Mattr. “This interop profile gives application developers a consistent way to manage credentials as part of the digital wallets they build and switch across wallets,” Patel concluded.

Lost or stolen credentials can be recovered using a mnemonic-based scheme.

Microsoft Entra, an umbrella identity management platform, was first announced in early June this year. The aim of the project is to radically simplify digital identity management and verification, unlocking benefits for enterprise customers and consumers alike.

“Our interconnected world requires a flexible and agile model where people, organizations, apps, and even smart devices could confidently make real-time access decisions,” the company explained at the time. “We need to build upon and expand our capabilities to support all the scenarios that our customers are facing.”

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.