Azure AD verifiable credentials, now in public preview, provide an open standards approach to safely and securely re-using verified information about a business or user in order to provide fast, frictionless access to new services.
Once a person’s real identity is bound to their digital identity using Onfido’s document plus selfie verification, end-users are onboarded to Azure AD and have complete control over their identity from their smartphone, being able to provision its reuse to access additional services.
At launch, the service can accelerate remote onboarding of new employees, provide secure access to apps that require different permission levels with single sign-on (SSO), and enable a more trustworthy, self-service account recovery experience across government, education, and financial service applications.
Unlike a physical passport which is accepted at every airport; the digital world is different. Individuals have a unique credential (often, a username and password) for every online service they access to prove that they are who they say they are.
With the average person managing over 191 pairs of usernames and passwords, this quickly becomes unmanageable and insecure, putting a burden on organizations to verify their customers’ identities and ensure that their data is secure.
Individuals can manage credentials in the Microsoft Authenticator app, and developers will be able to request and verify credentials via the application SDK.
The process improves verifiability while protecting privacy for businesses, employees, contractors, vendors, and customers.
Workforce identity scenarios for Azure AD include:
- Faster remote onboarding: Azure AD verifiable credentials solution gives users self-service enrollment and faster onboarding with ID verification services.
- Self-service enrollment and account recovery: Replaces usernames, passwords, and security questions with a simple biometric selfie check.
- Verified access to apps: Users can store and present a verified credential when attempting to access resources that require identity verification based on company policy.
“Putting people in control of their own identity will help transform the way global employees, customers, and businesses access remote services,” said Rick Hofmann, VP of Partnerships & Alliances at Onfido.
“Being able to verify a person’s identity once at onboarding, and then reuse those credentials to access many different services from different providers without collecting and storing personal data is a game-changer.
“Individuals get more control over what information they share, and businesses can provide a more seamless onboarding experience.”
“Our vision is to provide the platform for a digital identity in which individuals have more control over what information they share and can restrict access if needed,” said Sue Bohn, Partner Director Program Management, Identity Division at Microsoft Corp.
“Collaborating with Onfido empowers businesses to verify information at scale while ensuring users have greater control over their personal information.”
The Gartner Predicts 2020: Identity and Access Management report states that:
“Decentralized identity is making a debut in 2021 and will disrupt traditional methods of access for many providers, as it will be used for 25% of all bring your own identity (BYOI) logins by 2023.”