View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. AI and automation
October 26, 2016updated 07 Nov 2016 2:34pm

Securing Mind-Hacking Virtual Worlds: The VR Security Chimera

Virtual reality is emerging as the technology of the future - but what threats and challenges could it present to business, consumers and government?

By Ellie Burns

Virtual reality (VR) is a technology which really captures the imagination of consumers and business alike – both figuratively and literally.

We have had fantastical portrayals of VR in literature and movies for many years, with the technology now starting to make waves in the real world. We have seen the VR headset market explode, with new incumbents like the Sony Playstation VR going up against more established players like Oculus Rift, Samsung Gear VR and HTC Vive.

We are also seeing the application of VR move into new markets, with Lloyd’s Bank leveraging VR for their graduate intake and Alibaba rolling out a payment service for VR shoppers. There has also been a real drive for companies to push the boundaries of VR – Microsoft only recently published research about technology providing haptic feedback to virtual experiences. This could make VR even more real, with people able to touch and feel the virtual.

Like all new technologies, VR is not immune to criticism and wild stories about the dangers of immersing yourself into the virtual world. From hackers taking over your mind to brain damage, there has been much discourse on the inherent dangers of the technology – but is there any truth to these dangers and if so, how can we protect against them?


PlayStation VR is the latest member of the PS4 family and is the latest addition to the VR headset market.

Like all other connected technology, one of the biggest security risks associated with VR is data and privacy. Although not as exciting as some of the myths perpetuated around VR, data and the security of information generated will be one of the biggest VR concerns – just like today’s connected devices.

“If personal data is collected (for example, through payment mechanisms or profiles of users), data protection compliance obligations will come into play. Transparency and consent, in terms of what data is collected and used for, will be paramount – as will ensuring that there are robust technical and organisational mechanisms in place to ensure that data is kept secure,” Elle Todd, Head of Digital and Data at Olswang, told CBR.

However, there is one major difference between the data collected with today’s devices and the information gathered by VR devices. The most personal information which makes us unique will be put into play – our behaviours, our actions, our movements, what we look at and even our brain waves. This raises a concern often linked to data security – privacy.

Content from our partners
How to turn the evidence hackers leave behind against them
Why food manufacturers must pursue greater visibility and agility
How to define an empowered chief data officer

“One of the main concerns about VR technology is around privacy, for it introduces the capability to collect new types of very sensitive and very precise data about its users,” Teesside University lecturer Joao Ferreira told CBR.

“Oculus’s privacy policy, for example, states that they automatically collect location information and information about physical movements and dimensions. It is reasonable to expect that future mainstream VR devices will also collect information on emitted brain waves and patterns.”

This could give rise to a whole new level of identity theft, with hackers seizing the new data sets to create more elaborate impersonations. Dr Ferreira even points to the possibility of hackers exploiting brain-computer interfaces in order to extract information such as bank cards and PIN numbers.

What are the hackers doing in the virtual world? Continue reading to find out

Topics in this article: ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.