Whilst the fondness for digital identities and their convenience is universal, using a credential multiple times can present a privacy risk known as linkability. Hidden identifiers can link separate activities together, such as logging into various apps or accessing a mobile driver licence, to build a profile of the user’s digital behaviour.

Microsoft has created a cryptographic library, Crescent, that brings “unlinkability” to popular identity models, protecting privacy because the user’s digital behaviour around authentication cannot be tracked. Crescent is a modernisation tool that can integrate with any of the existing credential issuing systems that organisations use.

The cryptographic library does not require organisations to update their systems: it is ready to use and untangles surveillance.

According to Microsoft, the privacy features offer more than the selective disclosure that already exists in some systems, where credentials can still be linked through serial numbers, cryptographic signatures, or embedded identifiers. Such linking defeats the principle of selective disclosure, which allows users to share only the personal data they want to with digital identity systems.
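The linkability described above, as an added example that is not Crescent or Microsoft code: a simplified salted-hash selective-disclosure credential in which every presentation carries the same signed payload, so two verifiers can join their logs on the signature value. The credential layout, function names and sample data are constructed for illustration, and an HMAC stands in for the issuer's signature.

```python
import hashlib, hmac, json, os

ISSUER_KEY = b"constructed-demo-key"  # assumption: HMAC stands in for the issuer's signature

def _digest(salt, name, value):
    return hashlib.sha256(json.dumps([salt, name, value]).encode()).hexdigest()

def _sign(payload):
    return hmac.new(ISSUER_KEY, payload.encode(), hashlib.sha256).hexdigest()

def issue(claims):
    """Sign salted per-claim digests once; the holder keeps the salts."""
    disclosures = {n: (os.urandom(16).hex(), v) for n, v in claims.items()}
    digests = sorted(_digest(s, n, v) for n, (s, v) in disclosures.items())
    payload = json.dumps({"serial": os.urandom(8).hex(), "digests": digests})
    return {"payload": payload, "signature": _sign(payload), "disclosures": disclosures}

def present(cred, reveal):
    """Selective disclosure: same signed payload every time, only chosen claims opened."""
    return {"payload": cred["payload"], "signature": cred["signature"],
            "revealed": {n: cred["disclosures"][n] for n in reveal}}

def verify(p):
    """Return the revealed claims if the signature and digests check out, else None."""
    if not hmac.compare_digest(_sign(p["payload"]), p["signature"]):
        return None
    digests = set(json.loads(p["payload"])["digests"])
    claims = {}
    for name, (salt, value) in p["revealed"].items():
        if _digest(salt, name, value) not in digests:
            return None
        claims[name] = value
    return claims

def link(log_a, log_b):
    """What two verifiers learn by joining their logs on the signature value."""
    seen = {p["signature"]: verify(p) for p in log_a}
    return [{**seen[p["signature"]], **verify(p)} for p in log_b if p["signature"] in seen]

def demo():
    # Constructed sample data: two holders, each presenting to different verifiers.
    alice = issue({"name": "Alice Example", "age_over_18": True, "postcode": "AB1 2CD"})
    bob = issue({"name": "Bob Example", "age_over_18": True, "postcode": "EF3 4GH"})
    bar_log = [present(alice, ["age_over_18"]), present(bob, ["age_over_18"])]
    pharmacy_log = [present(alice, ["postcode"])]
    return bar_log, pharmacy_log, link(bar_log, pharmacy_log)

if __name__ == "__main__":
    print(demo()[2])
```

Each verifier sees only the claim it was shown, yet the joined record contains both, because the signature (and the serial inside the payload) is identical across presentations.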

Crescent’s feature totally disables the linkability that connects credentials with separate digital interactions.

Microsoft said its developers generated two approaches to adding unlinkability to identity systems, including JSON Web Tokens and mobile driver licences. Integrating specialised cryptographic signature schemes can provide unlinkability, but requires changes to standardise and introduce the new algorithm into software and hardware platforms. Users can also provide a zero-knowledge proof that they hold a credential without revealing any further personal information that could be vulnerable to tracking.