Sign up for our newsletter
Technology / AI and automation

Securing Mind-Hacking Virtual Worlds: The VR Security Chimera

Virtual reality (VR) is a technology which really captures the imagination of consumers and business alike – both figuratively and literally.

We have had fantastical portrayals of VR in literature and movies for many years, with the technology now starting to make waves in the real world. We have seen the VR headset market explode, with new incumbents like the Sony Playstation VR going up against more established players like Oculus Rift, Samsung Gear VR and HTC Vive.

We are also seeing the application of VR move into new markets, with Lloyd’s Bank leveraging VR for their graduate intake and Alibaba rolling out a payment service for VR shoppers. There has also been a real drive for companies to push the boundaries of VR – Microsoft only recently published research about technology providing haptic feedback to virtual experiences. This could make VR even more real, with people able to touch and feel the virtual.

Like all new technologies, VR is not immune to criticism and wild stories about the dangers of immersing yourself into the virtual world. From hackers taking over your mind to brain damage, there has been much discourse on the inherent dangers of the technology – but is there any truth to these dangers and if so, how can we protect against them?

White papers from our partners

playstationvr
PlayStation VR is the latest member of the PS4 family and is the latest addition to the VR headset market.

Like all other connected technology, one of the biggest security risks associated with VR is data and privacy. Although not as exciting as some of the myths perpetuated around VR, data and the security of information generated will be one of the biggest VR concerns – just like today’s connected devices.

“If personal data is collected (for example, through payment mechanisms or profiles of users), data protection compliance obligations will come into play. Transparency and consent, in terms of what data is collected and used for, will be paramount – as will ensuring that there are robust technical and organisational mechanisms in place to ensure that data is kept secure,” Elle Todd, Head of Digital and Data at Olswang, told CBR.

However, there is one major difference between the data collected with today’s devices and the information gathered by VR devices. The most personal information which makes us unique will be put into play – our behaviours, our actions, our movements, what we look at and even our brain waves. This raises a concern often linked to data security – privacy.

“One of the main concerns about VR technology is around privacy, for it introduces the capability to collect new types of very sensitive and very precise data about its users,” Teesside University lecturer Joao Ferreira told CBR.

“Oculus’s privacy policy, for example, states that they automatically collect location information and information about physical movements and dimensions. It is reasonable to expect that future mainstream VR devices will also collect information on emitted brain waves and patterns.”

This could give rise to a whole new level of identity theft, with hackers seizing the new data sets to create more elaborate impersonations. Dr Ferreira even points to the possibility of hackers exploiting brain-computer interfaces in order to extract information such as bank cards and PIN numbers.

What are the hackers doing in the virtual world? Continue reading to find out

This article is from the CBROnline archive: some formatting and images may not be present.