While some new mixed reality and headset experiences will literally be in your face, other consequences will be more difficult to see. The security stakes will be higher than we initially think, as with all new categories. Any new device has a built-in social engineering benefit due to its novelty. In the metaverse, as opposed to a deceptive domain name or email address, fraud and phishing attacks that target your identity could originate from a familiar face, such as an avatar impersonating a colleague. If we don’t take action right away, these dangers could be deal breakers for business categories, and there will be both intentional and unintended innovations and experiences.
Interoperability is essential because there won’t be a singular metaverse platform or experience. Trust cannot stop at the entrance to a virtual meeting space, for instance; it must stretch to the conversations and apps therein. If it does not, security uncertainty will make people unsure of what to say or do in a new virtual space and open up vulnerabilities.
At the beginning of this era, we have a single opportunity to create clear, fundamental security principles that encourage confidence and comfort for metaverse experiences. If we pass up this chance, we’ll unnecessarily discourage the uptake of technologies that could greatly enhance accessibility, collaboration, and business.