Introducing Entra Verified ID: The system for secured identity verification and resource access management

In an effort to give a push to the security and privacy of companies, Microsoft will be launching Microsoft Entra Verified ID in early August of 2022. It will reshape how identity is verified online while allowing organizations to select the types of information they just want to share with their workers. 

Fake or spam accounts have always been a problem on the web. For companies and organizations, the existence of such accounts can translate to threats to their data security and privacy. Without proper identification before giving them access to company resources and sensitive information, it can result in bigger problems. Microsoft is introducing Entra Verified ID to resolve this.

This new decentralized identity service is the rebranded Azure Active Directory Verifiable Credentials previously seen in the public preview. Microsoft sees Verified ID as an effective way to check online the identification of individuals and their devices. With the decentralized system Microsoft is launching, it will be possible to verify credentials “within seconds” and easily grant users access to company resources. But the real beauty about it, according to Microsoft, is that it will let organizations have more power over what information they will be sharing with the users.

“Verified ID implements the industry standards that make portable, self-owned identity possible,” Joy Chik, Microsoft Identity Corporate Vice President, said in a blog post. “It represents our commitment to an open, trustworthy, interoperable, and standards-based decentralized identity future for individuals and organizations. Instead of granting broad consent to countless apps and services and spreading identity data across numerous providers, Verified ID allows individuals and organizations to decide what information they share, when they share it, with whom they share it, and—when necessary—take it back.”

Chik stresses in another post how Entra Verified ID can contribute to the onboarding and offboarding process in companies. Aside from making the verification automated and straightforward for IT and HR, it can provide a better experience for new employees. What’s more, the new product can make it easier for employers to revoke permission to access company data and information through its access management capabilities. 

“When an employee leaves an organization, their access credentials—along with their access permissions—should be wiped clean to prevent valuable company information from walking out the door with them,” Chik says. “Using modern identity governance tools such as verifiable credentials, IT can select one box to decommission a departing employee’s access to the organization’s digital assets. If HR tools are integrated with identity systems, then any changes HR makes in their systems automatically perpetuate to other IT systems, and vice versa.”

For applicants or individuals that need verification for their identities, the Verified ID system will serve as a portfolio or digital wallet that contains different kinds of information (doctor’s notes, diplomas, educational history, government-issued identity numbers, etc.) they can submit to employers or other individuals requiring verification. According to Microsoft, it also allows employees to revoke the permission they’ve given to previous verifying parties to prevent them from accessing the verifiable credentials in the future.

The Verified ID comes within Entra, which offers all Microsoft’s identity and access products, namely Azure Active Directory, Cloud Infrastructure Entitlement Management, and Decentralized Identity. Moreover, Entra will be applicable on-premises and across AWS, Azure, Google Cloud, Microsoft, devices, websites, and third-party apps.

Verified ID is included in the paid base Azure Active Directory platform, though additional paid services will be offered in the future. That said, the pricing system of Entra for Azure AD users will be per user per month basis. For external identities, payment will be per active user per month, while it will be per resource basis for permissions.