Metaverse: Security to become more of a concern

The organisations that move first to tackle the challenges posed by technology will reap enormous benefits

Metaverse: Security to become more of a concern
You have just become the victim of a cybercrime and your financial assets and confidential data have been stolen.

By Alan Smith, Bhavik Domadia & Derrick Wang

Imagine this scenario: Within the next 10 years, you are in the metaverse and celebrating a successful business deal, but the joyful moment dissipates as it becomes apparent that the avatar (person) was not who you thought it was. Reality sets in. You have just become the victim of a cybercrime and your financial assets and confidential data have been stolen.

As technology advances, our world is increasingly becoming dependent on data to function properly. In our journey to the next frontier, we will transition from viewing data on a screen to being immersed in it. With an estimated CAGR of 43.3%, the metaverse’s market value of $48 bn in 2020 is expected to grow north of $800 billion by 2028. Top players such as Facebook (Meta), Google, Microsoft, and Nvidia are already invested in developing this next generation of IoT.

What is it exactly?
Metaverse is a digital world driven by mixed reality (MR), augmented reality (AR), virtual reality (VR), and blockchain. That said, there is an elephant in the room – security. With the vast and sophisticated data that will be collected within the metaverse, cybercriminals will be looking for ways to hack and game the system. These security concerns can be broken into eight categories:

Also Read| Big Tech fails, govt may form grievance panel

Cybersecurity: Today, firms use modern infrastructure to secure their IT systems. However, there is still always a threat of cyberattacks. These issues will amplify in the metaverse unless we have innovative ways of enforcing cybersecurity governance.
Identity management: While a virtual avatar can be of a personal choice, it is critical to associate it with a distinct real-world identity, using verification methods.
Cryptocurrency & payments: Digital currency payments need to be verified prior to processing to prevent fraud. Verifying the authenticity of an individual or business entity is imperative in this context.
Regulation: Until an industry standard is established and regulations introduced, the onus is on firms using or offering metaverse products/services to enforce strict measures for combating fraud.
Intellectual property: Intellectual property needs to be verified and validated by tying it back to a real-world identity. Failure to do so can lead to IP infringement, conflicts of ownership, disputes, fraud, etc.
Consumer privacy: An increased sense of responsibility to secure and protect the Personally Identifiable Information (PII) of users is needed to maintain privacy. Such information can be stored within a blockchain vault behind multiple layers of security.
Data governance: It is critical for data to be secure and free from possible breaches. Implementing effective data governance operating model and practices would minimise risks.
Data control: The aim of the metaverse is not VR or AR, but MR. MR prototypes are capable of not only tracking body movements and brain wave patterns, but also monitoring what users say or think about. Data this valuable will allow whoever controls it to take over your reality.

But who’s going to dive in first? It is clear these concerns add up to a tall order. So, the first company to tackle such issues will reap the competitive benefits as a first-mover advantage, including huge financial, reputational, and strategic rewards.

Smith is principal consultant; Domadia is senior consultant; and Wang is senior consultant at Capco, a technology and management consultancy

Get live Share Market updates and latest India News and business news on Financial Express. Download Financial Express App for latest business news.