Leaders in the technology, business, and government sectors must address issues related to user privacy and security as virtual worlds take shape. Learn from your mistakes and use what you’ve learned to shape these worlds in Web 3.0.
“The metaverse,” as Mark Zuckerberg calls it, implies that there will be only one virtual world to explore. This is not the case. One company may not be able to rule them all because there are already several metaverse worlds open for business.
When it comes to building safe metaverse worlds, James Arlen, CISO at database-as-a service company Aiven, knows that there is no one winner and many losers. Nash’s equilibrium is much more prevalent here, meaning that each player must take the decisions of their fellow players into account when formulating a strategy. Everyone wins if they all lose a little bit, he claimed. If we help each other, it can be a model where everyone wins.
As virtual worlds become more common, there are a number of issues that need to be addressed.
- Resolving current infrastructure issues
- managing one’s online identity
- Establishing a common set of rules and regulations
- Setting virtual world trust and safety policies
- Making sure the policies are enforced by the right people
There will always be a need for a safe environment in virtual worlds, according to Tiffany Xingyu Wang, Spectrum Labs’ chief strategy and marketing officer.
In order for any metaverse to succeed, “trust and safety are essential,” she said. A metaverse version of 4chan is inevitable in the absence of safety nets. Wang believes that the frequency and intensity of harassment could be increased in a persistent and continuous environment, such as the metaverse.
It’s “not like you’re constantly there” with Facebook because you can close your laptop or app, she said. It’s much more powerful because it’s an immersive, multisensory experience. “The toxicity lead time is significantly shorter.” It is expected that virtual worlds will require laws to govern financial transactions and legal issues, such as intellectual property rights. Credo AI’s CEO and co-founder, Navrina Singh, said that in order to keep consumers safe in the metaverse, governance issues must be resolved now in the real world.
Because of the lack of AI oversight, businesses are putting their customers at risk of fraud and identity theft, according to Singh. A governing and regulatory framework is needed for the metaverse, according to Ahmer Inam, chief AI officer at PacTera Edge.
There is a strong belief that businesses can be self-governance, but that has not been proven, so these rules must be enforced and mandated by the public sector,” he said. A lack of social responsibility has been shown by companies that rely on engagement to make money, thus far.
To build a more secure and ethical metaverse, tech leaders and government officials need to address a number of issues, including but not limited to the ones outlined above. A look at what it would take to solve long-standing technological issues, deal with new ones, and establish virtual road rules before disaster strikes.
Putting up a house on shaky ground
When it comes to metaverse talk, Arlen sees it as a case of “everything old is new again.” There are both advantages and disadvantages to implementing a new user interface over an existing system. For both new and established businesses, Aiven is a database-as-a-service platform that provides access to a wide range of established and new database technologies.
As he put it, “the stuff underneath this new user interface is still servers and data centres.” The consequences of reskinning something that is already known to be a poor quality product are enormous..”
Adding another layer of abstraction to the technology experience results in the loss of some context for the lower layers, Arlen said. Individual authenticity and how authenticity and authentication are intertwined in virtual worlds also cause him concern.
He said, “We know today that we are bad at federated identity, and we’re really bad at good, high-quality authentication. We currently lack a meaningful way to prove that my LinkedIn, Twitter, and Facebook IDs are all linked to the same person.”
There is also the issue of safety and anonymity for people like dissidents and social justice activists who may be targeted if they use their real identity online. He announced that the real name policy was now in effect. In a strange way, “all of these things” intertwine.
For him, the real issue isn’t just the new UI on top of existing technology; it’s what it could mean. As he put it, “The super salient point is that we can’t predict what this is going to do to us until after we’ve done it.
The following image was provided to us by the talented photographers at Adobe Stock under the creative commons licence:
- Assessing the situation for potential problems
- Any metaverse is confronted with two types of fundamental security issues:
- Technologists have been dealing with the same problems for decades.
- New ones designed for a metaverse setting
There are many familiar security threats in the metaverse and cryptocurrency, such as those related to fake identities and false promises. It’s not uncommon for scammers to raise the value of a coin by selling NFTs and then disappearing with the proceeds before making any actual coins. Decentralized finance hacks lost $361 million in the first half of 2021 due to these rug-pull scams.
- Additionally, virtual worlds have their own set of issues.
- At the same time, the same NFT can be minted on multiple chains.
- Discord channels are used by scammers to prey on people who are looking for help.
- An NFT’s value rises when it is added to a whale’s wallet by bad actors.
- Attempts to steal cryptocurrency wallet addresses through phishing attacks.
Two Cisco Talos researchers said that in both cases the biggest problem is that there is no recourse if a person is duped in a virtual world.
You can only lose $1 million in a few places, according to Biasini, and you can’t do anything to fix it. Another issue, according to Schultz, is the protection of intellectual property. According to him, “people are minting NFT images of characters that are not their intellectual property,” he said.
Schultz attributed many of the scams involving NFTs to a “irrational gold rush fever.” When it comes to cryptocurrency, “you have a massive amount of people who have FOMO, and they’re jumping in with all they have.”
Assembling an agreed-upon set of guidelines
Concept of internet network security with a person sitting in a chair using a laptop.
Securing virtual worlds will necessitate cooperation between corporations and governments, according to the two Cisco Talos security experts. There is currently no unified metaverse. There are a wide variety of virtual worlds to choose from, each with a unique set of features and access options. The best way to ensure interoperability between these virtual worlds is to establish a common code of conduct.
We need these companies to collaborate to create a common standard across these worlds,” Biasini said at the meeting.
What we’re fighting for now is a truly democratic shared metaverse where everyone has an equal shot at success, or will Facebook operate in god mode and run the show? Schultz made the statement.
As far as acquisitions are concerned, Biasini said there will be ongoing concerns.
If Facebook were to build a metaverse and then buy smaller ones, “it’s entirely possible to bring them all together,” he said. Schultz suggested that managers of the metaverse could learn from email’s early days. It’s possible to keep tabs on bad actors and build a list of those who should be blocked from our networks, he said.
In addition to identifying bad actors and putting pressure on legitimate actors to ban criminals, the public nature of blockchain transactions provides another avenue for doing so.
According to Schultz, “criminals must eventually cash out somewhere, and law enforcement can follow the money from these wallets and track people who commit crimes.”
For cryptowallets, the concept of gaining trust is also relevant to building a brand. In the same way that new domains are viewed with suspicion, wallets that are only 10 minutes old will be viewed with scepticism.
For the wallets that you accept into your world, “you will want a provenance,” Biasini said. “Newness is of no use to you. Additionally, Biasini expects more conventional measures to be implemented in relation to metaverse transactions.
People are already talking about taking down names and other personal information, “just like we do with fiat money,” he stated.