By Yasodara Córdova and Thiago Diogo*
You’ve definitely heard of the metaverse in the last six months. The word, adopted by Meta (formerly Facebook) to designate its newest purpose, entered the digital technology scene as a synonym for virtual environments for interaction that are more representative of human social experience. The promise is a virtual space with an experience very close to the physical world.
However, a metaverse can be much more than that. Metaverses have been around for at least 19 years since SecondLife, with different levels of depth and very different types of interaction. Metaverses are persistent virtual worlds that continue to exist even when you are not inside them, combining aspects of the digital and physical worlds.
Whether or not we are in a virtual world depends on each of us choosing how we are going to present ourselves there. MMOs, (Massive Multiplayer Online) have been presenting metaverse aspects to users for at least 20 years. What has changed? First, more image processing technology, better connectivity (5G coming), new devices for connection (augmented reality), and especially the generations that are born interacting online, blurring the boundary between the virtual and the physical.
In the past, avatars were the best definition of virtual presence, before metaverses represented the opportunity for us to interact with our real-world identities. When you’re in a game, you don’t necessarily need to present your social name or your government-given identification number.
However, if you are a streamer and you are successful, you will need to connect your gamer avatar to a bank account to be paid by the platform, for example. It is at these times that the virtual and physical worlds begin to mix for real.
Digital identities in the metaverses
To interact between universes that mix the real identity of the physical world with the avatars of the metaverses, people will need persistent digital identities. This digital identity tends to keep the user experience focused on certain features that jump between worlds, according to the need for use.
An interesting metaphor for us to understand how our interaction with the metaverses will be is Dr. Strange’s ability to jump between multidimensional windows — taking his superpowers and items, like his magic cape.
Just as Dr. Strange has his persistent identity, which takes his main characteristics and powers to different dimensions, the digital identity will carry the credentials that people choose to the different metaverses. It is very likely that metaverses in the future will all be part of an interoperable layer, allowing you to take virtual items like clothing or game items, or credentials, from one platform to another.
For example, if you took a course, the certificate is linked to your digital identity as a credential (something like an “unlocked power”), and you can take it to the metaverse of your choice — or your company’s choice. It is also possible to imagine a scenario where you acquired an item in one metaverse, but you can take it to another, just like in the physical world you buy a shoe and you can decide to use it at work or at the club.
This extension of the “official real life” to the metaverses is a full plate for providers of digital identity platforms, or “identity-as-a-service” — which today already authenticate people for various situations in life, such as making payments, signing documents, communicate, among other things.
With real life represented in digital identities, a data breach takes on an exponentially greater dimension, with risks of avatar theft and fraud of unprecedented proportions. In this context, the premise is to understand how each resource can help users protect themselves when using their digital identities and, at the same time, facilitate the construction of trusting relationships within and across platforms.
We are sure of one thing: The explosion in the use of metaverses in everyday life has enormous consequences for our lives and requires us to improve controls and protections to deal with the threats that will emerge in this new world.
In fact, we can already imagine the metaverses being used to sell stolen identities, just as it happens today on the Dark Web — in practice, we can even say that the different worlds of the Deep Web could turn into metaverses, depending on the level of immersion of the users. . Robust security mechanisms are therefore imperative for the new era of identity in digital life.
And how to guarantee the trust with the identity in the metaverses?
Although metaverses are digital spaces, they are governed, limited and powered by the same mathematics that defines our real world. That is, the same mathematical premises are valid for all universes and metaverses. This means that, once again, cryptographic primitives can be used to ensure trust between virtual or real individuals.
In other words, there is no metaverse capable of twisting cryptography as we know it today. Therefore, only mathematical proofs will be able to identify things and participants across different universes in a consistent and secure way, while allowing the user to control who shares these items with. This means more privacy in practice.
This is already happening. In the metaverses, one of the common practices of participants is to use Non-Fungible Tokens (NFTs) to mark unique items. And the NFTs issued, traded and used in the metaverses are already based on cryptographic evidence. While the NFT market is still an experiment and there is no evidence that the business model will last, a more secure and regulated version of these technologies may prevail to ensure that credentials remain with their owners.
With all this, we can already imagine a self-sovereign digital identity, that is, controlled by the bearer himself, in any universe, capable of generating mathematical proofs for unique, non-transferable and irrefutable identification, as is already happening today in our real world. .
The interoperability of identity between universes can also be guaranteed by mathematics and cryptography, driven by the use of standards to ensure consistency between platforms, since checks and confirmations can be the same and with the same guarantees, regardless of the universe ( provided that the same universe is governed by the same mathematical laws that we know today).
Looking to the future, these technologies will enable us to live safely and privately in worlds where technology is pervasive even outside of virtual environments. With the implementation of 5G, the internet of things will be an important item in the construction of the metaverses — and the self-sovereign digital identity the key to protecting our personal data, virtual items and, why not, physical items.
It is good to be prepared for this future of metaverses, ensuring from now on that the ecosystem looks carefully at the principles of privacy and security.
*Yasodara Cordova is Principal Privacy Researcher at Unico and Researcher at the Center for Democratic Governance and Innovation at Harvard University (USA) and Thiago Diogo is director of engineering at uni