Identity in the metaverse at risk, says former Windows architect
The metaverse is coming for users at full speed. Companies and brands are jumping into digital reality, and according to a recent survey, consumer interest is climbing alongside all the activity.
At the same time, as more users join in on metaverse activity, the risk grows for nefarious activity in digital reality. A report from cybersecurity firm Kaspersky revealed that exploitation and abuse in the metaverse are set to rise in the next year.
Threats range from scams, to be expected with digital interactions but also avatar-related identity theft and abuse.
For a better understanding of the dangers and risks users can face stepping into digital reality, Cointelegraph spoke with Andrew Newman, CTO and co-founder of cybersecurity firm ReasonLabs and former architect of Microsoft's Windows Defender anti-malware software.
The primary concept users must understand is that metaverse identity is “likely to become users’ digital identity,” according to Newman.
“As our real-life and online identities continue to merge, the stakes for identity theft on the Metaverse will increase.”He highlighted that avatar scams have already been reported on platforms like Roblox. The example given by Newman was that the hacker may try to convince a user that they need access to their avatar for a number of reasons, with the ultimate aim of stealing their digital identity.
Although it’s a common occurrence to have digital identity threats, as money or virtual currencies become tied to metaverse avatars, these threats will increase. Newman warns consumers as more money is spent on digital assets for these avatars.
“Just as we are protective of our physical assets, we need to make sure that people protect their digital assets and personal information within the Metaverse.”The amount and various types of digital assets with real value that users can own is endlessly expanding. This incites that cyber crimes and theft will only become more complex and digital reality expands.
Related: Self-sovereignty in the creator economy and Web3 — Is there room for both?
There is a lot of promise in blockchain and emerging technologies for transparency and security. However Newman says users need to be vigilant nonetheless.
“We shouldn’t assume that our funds are not susceptible to theft simply because they are in the Metaverse rather than in a traditional banking network.”Another component to identity theft in the metaverse is that minors are susceptible to such threats. In many ways, the metaverse is designed to engage both youth and young adults.
Minecraft, Fortnite, and Roblox all have attracted young user bases. Often, minors don’t grasp the importance of cybersecurity or their digital footprint. Newman said, there are already existing threats minors face in online digital worlds. However:
“Finances might shift over time from virtual in-game currency and items, to more traditional finances such as real money or crypto ties to newer “web3” identities in games.”This would create more value to be exploited from unsuspecting minors.
Currently many major Web3 developers such as Chainlink, are developing new security protocols for users in digital reality. Developers both inside and outside of the industry are looking to create a global metaverse policy to troubleshoot a list of growing concerns.