Funnel overlay image

Blog | 4-minute Read

What is Verified ID? Online identity verification made easy

Marcus Idle profile headshot

Marcus Idle

Head of External Identity

Published: 29 March 2023

We all need digital identities to function in the modern world. But how we manage them is a challenge. Verified ID holds the key to a more secure identity verification process. And a seamless user experience.

We use physical identity credentials every day. We present them to pass through airports, open bank accounts, or onboard at a new job.

Traditional identity verification meant presenting a physical credential unique to the user. A passport, driving licence, or a national insurance number, for example.

Credentials provided by trusted organisations, like the UK Government, or DVLA. They’re yours, they remain only with you, and stay in your control at all times.

These physical credentials are, of course, universally accepted. But they’re not always practical for use in a digital setting.

An obstacle that is overcome by a concept known as decentralised identity.

OK, but what is decentralised identity?

Everyone has a digital identity. In fact, everyone has several digital identities.

They’re used in a number of different scenarios. We use them for work, for social media, shopping, and over multiple apps and devices. Many times a day.

But here’s the problem. They may be our identities. But we don’t actually own, or have full control, over them.

They’re controlled, stored, and owned by third parties and organisations.

The identity you use might be you, but it isn’t with you. It lives in a server somewhere, controlled by someone else.

How do you know your identity is being looked after properly? What if there’s a data breach? What if your identity data is sold to unscrupulous third parties?

The digital identity problem is also an acute one for businesses.

Organisations are operating multi-cloud platforms, and cyber attacks are constantly evolving in complexity.

And with the explosion of cloud computing and working from home, life and work is becoming increasingly more intertwined.

Digital identity solutions should reflect these changes. They need to be secure, easy to use, and in full control of the user.

This is the problem Microsoft are solving with a new offering within its Microsoft Entra family of identity products. A solution based on the open-standards created and published by the Decentralized Identity Foundation (DIF) community.

tag icon

Free Video

Implement simple trustworthy identity verification

Confidently streamline your secure identity verification and reduce admin.

Watch now and discover how Microsoft Entra Verified ID:

  • Simplifies and safeguards employee onboarding
  • Secures personal information exchanges
  • Removes compliance processing headaches

Introducing Microsoft Verified ID

Verified ID is Microsoft’s implementation of decentralised identity credentials.

It’s an automated solution to replace traditional manual, paper-based verification processes that don’t suit a digital environment. Streamlined, automated identity verification that’s safe, simple, and saves time.  Making life easier for all parties.

Verified ID lets you create a secure, verifiable digital identity.

A means to quickly, easily, and securely prove you are who you say you are. Whenever, and wherever you need.

Or, as Microsoft puts it: Verify once, use anywhere.

Verified ID Identity Verification Flowchart

You choose who to show it to, giving you the freedom to approve or deny requests to view and share it.

Plus, you can view the full history of where and to whom you’ve presented the verifiable credential.

With Verified ID, you have full control over your identity.

Let’s look at a couple of examples

  • Joe wants to enrol on a course at a college. The enrolment process asks for him to provide documented proof of his identity. These can be things like:

    • Passport
    • Drivers License
    • Birth certificate
    • Local authority ID card

    Joe then adds some personal details, like his email address, next of kin, and home address.

    Using this information, the college validates and issues a Verified Credential. In this case, a student credential. This is stored in a digital wallet on his phone, inside the Microsoft authenticator app.

    Joe can use this credential as verified proof of identity across the college. Allowing him access to the resources and facilities to which he’s entitled.

    At the point Joe finishes or leaves the college, the credential gets revoked.

    But that’s not the end of the story.

    A year later, Joe applies for a job, based on his college qualifications. Joe’s new employer can now use this Verified Credential to prove his identity and qualifications.

    Meaning no more scanning of paper documents.

    Simple and secure for Joe. Efficient and accurate for the employer.

  • Julie has been working with Woodgrove for the past year. Woodgrove issued her verified employee credentials when she joined the company.

    She recently started on a new project. It requires her to collaborate with partner company, Contoso. This means she needs access to documents held in Contoso’s SharePoint site.

    To access to Contoso resources, new collaborators use a self-service flow and access packages. This needs an access package approver from Contoso to verify Julie’s employment and role at Woodgrove.

    Thanks to Verified ID, that process is a lot simpler.

    When requesting an access package, Julie presents her Woodgrove verified employee credential. The app is able to automate identity verification. Meaning immediate access for Julie, without having to wait for human intervention.

    If Julie leaves her job, access is instantly revoked. Preventing her from gaining unauthorised access to Contoso documents.

What are the benefits of Verified ID for your organisation?

For organisations, Verified ID unlocks new potential. Saving the business time and money, tightening security, and improving the on-boarding process.

Security

When digital identities are stored on centralised servers, all a determined hacker has to do is breach that server and gain access to those IDs.

This problem doesn’t exist with Verified ID. Because it’s a decentralised identity verification system, these identity credentials aren’t stored in a centralised server. Instead, they’re stored with the user and verified for legitimacy when presented against a distributed ledger1.

You aren’t granting wide, unfiltered consent to the numerous apps and services you use every day. Spreading your identity data everywhere you need to use it.

Verified ID gives control over your identity back to you as the individual. You decide what information to share, when you want to share it, and whom you want to share it with.

What if you no longer wish to share this credential with a person or organisation?

Well you simply revoke their access to it with a single click.

And, as the credential remains in your possession, you can re-share it with ease, where and when you need.

Compliance

Keeping your organisation compliant is becoming more difficult.

Regulations around data and how it’s stored are strict. Especially so when it comes to personal data.

With Verified ID, you’re not checking anything against your own database. After all, these are decentralised digital identity credentials. The user is in full control of them.

The problem of compliance will be less of a headache. You won’t be the central repository of your employees personal information, so you’ll be storing less sensitive data.

Reduce human error

Most of us have experience of an onboarding process at a new job. The need to bring your passport, provide your NI number, or other proof of identity.

It’s a manual process that eats into everyone’s time. And, it opens up plenty of chances for human error or even the acceptance of fraudulent documents.

With Verified ID, you’re creating credentials for employees based on information registered with a trusted organisation.

This dramatically reduces the risks of entering incorrect employee information into your database. Saving both time and money that can come from retroactively correcting those errors later.

Productivity, efficiency, and time saving

Verified ID lets you create workplace credentials for new hires. Granting them them immediate, secure, and easy access to your organisation’s applications, data, and other assets.

This can all be done in a matter of minutes. Meaning your new hires can be productive from the moment they start with your organisation.

Another efficiency benefit for Verified ID is self-service account recovery and password reset.

Your employees can reset their own passwords and manage their accounts, saving your organisation time and money.

And with Verified ID, you reduce the need for help desk phone calls and security questions. It’s a much more straightforward and secure process.

20-50% of all helpdesk calls are password resets2, and the average password reset costs around $703. Implementing Verified ID can bypass these challenges, and save you a lot of time and money.

Creating a better identity verification experience

Verified ID not only makes the process efficient, it also makes for a much better user experience.

Creating and issuing Verified Credentials is as simple as scanning a QR code and adding it to your digital wallet.

Plus, the process is further enhanced, thanks to:

  • Online identity proofing.
  • Corporate account sign-ins.
  • Self-attestation of a credential that suits you and your user’s needs.

You store your verified IDs in a digital wallet. They’re built on familiar technologies, like the Microsoft Authenticator app. Which makes it intuitive and simple for the user to manage.

Plus, you now own these verified credentials. Meaning you can see who you’ve presented them to, and revoke access, at any time.

Conclusion

The technology to help us interact in a digital world has accelerated at a breakneck pace.

But, there’s been little improvement in how we interact with these services and applications.

We’re creating unique, centralised identities for each platform with whom we interact.

Every time we engage with a new app, we create a new, unique, and centralised identity.

And this puts us at heightened risk. The more identities we have stored by third-parties, the more vulnerable we are to being compromised by bad actors.

What’s more, it’s also something of a hassle. Every time our details change, so we need to update them with every provider.

Verified ID represents a seismic shift in digital identity. It allows us to create a secure, verified decentralised identity. A credential issued and verified by trusted organisations, that we can use with ease, whenever needed.

Keeping our identity safe, trusted, and always under our own control.

Key takeaways

  • We all have multiple digital identities, which we neither own nor control. These are vulnerable to breach and theft when stored and managed by third parties.

  • Verified ID is a decentralised identity solution that puts the user firmly in control of who has access to their identity credentials.

  • It improves the user experience and benefits organisations through better security, compliance, and a reduced risk of human error.

  • Best of all, by using decentralised identifiers (DIDs) like passports and drivers licences, Verified ID solves the problem of universally accepted digital identity.

tag icon

Free Video

Implement simple trustworthy identity verification

Confidently streamline your secure identity verification and reduce admin.

Watch now and discover how Microsoft Entra Verified ID:

  • Simplifies and safeguards employee onboarding
  • Secures personal information exchanges
  • Removes compliance processing headaches
tag icon

Great emails start here

Sign up for free resources and exclusive invites

Subscribe to the Kocho mailing list if you want:

  • Demos of the latest Microsoft tech
  • Invites to exclusive events and webinars
  • Resources that make your job easier
Butterfly overlay image
Marcus Idle profile headshot

Author

Marcus Idle

Head of External Identity

Marcus has built a busy External Identity practice working with Azure AD B2C, B2B, and Identity Governance features. He’s passionate about bringing cloud and external identity to life to solve our clients’ business problems.

Butterfly overlay image

Got a question? Need more information?

Our expert team is here to help.