View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Focus
October 21, 2022updated 31 Mar 2023 11:26am

How will digital identity work in the Metaverse?

Agreement among tech companies on Metaverse standards, particularly as they relate to identity and interoperability, remains elusive.

By Ryan Morrison

The Metaverse, said Mark Zuckerberg, will feel like nowhere else you’ve ever been – but also somewhere completely familiar. ‘The defining quality of the Metaverse will be a feeling of presence, like you are right there with another person, or in another place,’ wrote Facebook’s founder last year when betting the future of his newly renamed company on the distributed future. ‘It will,’ he continued, ‘be built by creators and developers making new experiences and digital items that are interoperable.’

Since that announcement, thousands of Metaverse platforms have appeared, including Meta’s own Horizon. The problem is few of them are actually interoperable – a digital archipelago, of sorts, with little tangible connection with each other besides a common name.

That may be about to change. In June, a motley crew of big brands, technology experts and assorted Web3 boosters founded the Metaverse Standards Forum to hammer out the rules of the road that will define how smaller corporate universes connect into one, gigantic multiverse. Originally started with a membership of just 35 organisations, including Meta, Nvidia, Ikea, Adobe and the World Wide Web Consortium, that number has since ballooned to 1,800 parties – a sign, say some, that the Metaverse is finally becoming a mainstream proposition. 

The forum’s got its work cut out for it, says Matt White, one of its representatives. “The concept of the Metaverse is that it can’t be centralised, can’t be under one platform,” he says. “It is a paradigm shift around ownership and identity that needs to be addressed.”

A Microsoft Teams meeting on Meta’s ‘Horizon’ VR platform. New standards on interoperability are needed to ensure that users can easily hop between virtual worlds without compromising on usability or security. (Photo courtesy of Meta)

Time to develop Metaverse standards

That has to start with defining the extent of an individual’s control over their own identity on multiple platforms. As far as White is concerned, as a user, you should own “your data on your assets [and] monetise it on your own terms”.

That would naturally require standards for authenticating identities across multiple virtual worlds. David Mahdi, CSO at Sectigo and a former advisor to the Canadian government on digital identities management, believes this requires a zero-trust approach, one that would force all users to verify their identity to prevent illicit activity.

“One would hope, that behind the scenes, Metaverse operators leverage the best practices for security and for privacy,” he explained. “In the Metaverse, digital certificates will continue to play a critical role in the creation and protection of all digital identities.” Without them, Mahdi continues, the overall infrastructure of the Metaverse will be vulnerable to devastating breaches, outages and cyberattacks.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Russell King, CEO of Xydus, told Tech Monitor the concept of digital identification and what we do to ensure our privacy in a distributed world will also hinge on ensuring accuracy during the onboarding process – in much the same way you switch between companies or enterprise platforms today.

“I think for a robust identity proposition, it must be done outside of the Metaverse in order to then deliver something compelling and add value,” says King. That wouldn’t, however, require a central authority to act as a kind of arbiter in verifying different virtual identities. “If one can deliver a credential that has no [personally identifiable information] in it, then each universal world can have that credential with its own unique identifier.”

Blockchain and its role in Metaverse standards

For some, this kind of approach to verifying and authenticating identity on the Metaverse would involve harnessing blockchains in some form. White believes that this would be a mistake, arguing that you can’t get the level of authorisation you need, let alone easily update your details, by using the technology in this way. “I think initially we’ll see these, just like the demand registers in this world,” he says. “Over time, it will move to become decentralised through the use of artificial intelligence and deep learning models that can look at your identity and verify it is real.”

Lars Seier Christensen disagrees. The founder of Saxo Bank and the chairman of the Concordium Foundation, he argues that harnessing blockchains is the only viable option for distributed identity. “I think that if you use an underlying blockchain-based solution where ID is required at the entry point, it is actually very simple and automatically available for relevant purposes,” he says. “It is also very secure and transparent, in that it would link any transactions or interactions where ID is required to a trackable record on the blockchain.”

According to Christensen, the goal should be to ensure users retain control of their IDs as the Metaverse develops. That’s more or less encapsulated in current principles of self-sovereign ID (SSI), he says. Under that model, the ID is established by a selected infrastructure, but subsequently controlled by the user,” explains Christensen, with companies only able to store aspects of a user’s identity the latter chooses to share.

Justin Melillo, CEO of world-building engine Mona, agrees that blockchain is the answer to identity management. However, he argues Web3 businesses hold the solution through Decentralised Identity (DID) principles, which differ slightly from SSI in keeping total control over personal data entirely in the hands of the user. DID, explains Melillo, “can be stored on a blockchain hardware wallet and used as a verification tool to access various Web3 services and the Metaverse as decentralised Metaverse creators work on format.

“At the same time, the World Wide Web Consortium (W3C) has recently announced a standard for DIDs. A decentralised identity is a fully secure way to maintain privacy online. Suppose, in the future, we manage to combine it with a Metaverse-interoperable avatar format such as VRM. In that case, we will be able to achieve an entirely interoperable, coherent, decentralised identity to use across various Metaverse worlds whilst maintaining our privacy.”

Despite DID’s overt links with Web3, Melillo argues that the Metaverse doesn’t need Web3. All of its virtual spaces and data, he says, can be stored on centralised servers. “Take Meta,” says Mellilo. “They are building part of the Metaverse, but it is in no way built on Web3. There is no decentralisation, and it is built, executed, and managed by a single company. The Metaverse can, however, leverage Web3 to store all data and virtual assets on decentralised storage, like IPFS.”

For his part, White believes there needs to be an abstraction layer that sits outside the Metaverse to allow the disparate worlds and platforms to connect. “That will allow portability for digital assets, identities and everything across any network,” he says.

That won’t be built by White’s colleagues at the Metaverse Standards Forum. The organisation has stated that its goal isn’t to actually create a set of standards itself, but rather work with individual standards bodies within each sector relevant to the metaverse and ensure interoperability and acceptance. The end goal, it says, is to ‘foster the creation and evolution of standards’ across areas like AI, avatars, virtual reality and identity.

This is being done through a number of funded projects and research initiatives, including one that would make it possible for a 3D asset such as a car or t-shirt developed in one world to be moved and work in another, rendered across multiple engines and systems. In time, hopes White, these efforts will expand and reinforce the wider conversation about standards governing identity and its authentication throughout the Metaverse.

“There will be new start-ups, new companies, new alliances that form and they will start to create market traction and movement,” he says. In time, he adds, “that force will be strong enough that it will push onto the big tech guys to either re-enter and accept open standards or die by the wayside.”

Read more: Self-sovereign identity is making data personal

Topics in this article : , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.