Living in the Metaverse: Form Factor and Continuous Authentication Are Key

Form factor has to date been the biggest barrier to adoption of virtual reality headsets for the metaverse, and when we do manage to get it right, a key challenge which will need to be addressed for living in the metaverse is continuous authentication.

These were some of the points raised at this week’s CW (Cambridge Wireless) international conference, CWIC 2022, which took place just outside Cambridge on the grounds of the Wellcome Trust Genome Campus. The main focus of the conference was the hyperconnected human, with a look at some of the innovations in devices and solutions pushing the limits of connectivity.

The opening keynote talk was delivered by Professor Shafi Ahmed, who is a connected health and 5G ambassador for Vodafone and talked about ‘21^st century humanity’. He covered aspects of connectivity that impact our lives, and what the future might look like as we see convergence of a multitude of technologies ranging from genomics, biotechnology and robotics to 5G, IoT, virtual/augmented reality, cloud computing, and quantum computing. Examples he highlighted were things like hyperconnected surgeons with digital twins of operating theaters where doctors and students can learn from specialists; to consultations with doctors in avatar form in a digital metaverse.

His talk left me both excited and disillusioned. The excitement was about the aspirational opportunities for connected health in the era of the hyperconnected human. Imagine the connected ambulance enabled by low latency 5G enabling trained doctors to assess and treat patients while still being transported to hospital.

The disillusionment though is that the reality is very different. As an example, one of the promises of connected health is to care for elderly parents at home. With this in mind, we thought a fall sensor would be a great way to help my mother live more effectively at home – if she had a fall, we’d be alerted immediately as it connects through a local connected hub to a call center which alerts me straight away. However, with so many false alarms and most of them in the middle of the night, my mother now refuses to wear the fall sensor. The same happens with several other sensors placed around her home. And these are officially approved sensors provided by the national care authorities!

This leads me to think that the connected health utopia the semiconductor industry and OEMs evangelize is still far from here. I spoke to Professor Ahmed after his talk and asked him about the disconnect between the aspiration in our industry and the reality of our day-to-day experiences. He said these technologies are actually being deployed effectively in countries that don’t have legacy systems – such as in the Middle East and Asia. But in the U.K. and other developed nations it’s not easy to upgrade or replace legacy systems and processes for healthcare. On top of that are regulatory hurdles. Indeed, there needs to be some regulation, but decision makers for the health service and the regulators are not always tech-savvy or still only feel comfortable with older processes and systems.

Authentication in the metaverse

The security, identity, and privacy track at the conference highlighted how we’re going to need to look at future authentication technologies more seriously if we are to be ‘constantly connected’ in the metaverse. David Pollington, head of research at Bloc Ventures, said that in a hyperconnected world, we’re escalating the risk of over-sharing our data and information, and consequently we’re more at risk – especially since there is no identity layer on the internet.

What we really need in such future scenarios is the concept of continuous authentication, according to Max Smith-Creasey, a security research specialist at BT. Current user authentication involves a combination of passwords or pin numbers, pass-cards or passports, and biometrics. He said that this traditional authentication involves something we have or something we have to authenticate. When we are constantly connected in the metaverse, or just even connected, devices lack protection once they have been authenticated once and are left in the on state (for example a laptop).

Hence there is a need to build another security layer with password-less authentication. For this to happen, this is likely to require training of models on physiological and behavioral biometrics that are continuously collected and assessed. There are five key modules needed for this concept of future authentication – as shown in the slide:

But for continuous authentication, there will also be challenges in terms of:

• Spoof detection – how can we protect continuous authentication from spoof attacks?
• Demographic bias – how can models that have in-built bias be mitigated for different types of data?
• Tradeoffs – what is the optimal compromise between security, usability, and privacy?

In addition, continuous authentication brings up another challenge as far as the chips are concerned. Andy Young, principal solutions architect at Keysight, said the chipsets required for security in the metaverse and continuous authentication will dissipate significant heat, so that becomes a problem. Young also cautioned that we need to be thinking about security. He stated, “A lot of our discussion is driven by the art of the possible, but nobody thinks about the dark art of security.”

Form factor hinders penetration of VR/AR headsets

One of the audience questions in the opening fireside chat was from the futurist David Wood, who asked the panel why we haven’t seen penetration or adoption of augmented reality headsets. Responding to this, Professor Ahmed said that the key issue has been form factor. The second panelist, Guillaume Lebrun, who leads global connectivity policy for Meta, meanwhile said that we are still in the very early days; he said, “We’re still 8-10 years away from glasses we’d be comfortable with. The third panelist, Alex Ruhl, head of metaverse technologies at PwC, agreed, “It’s not coming any time soon,” referring to VR/AR glasses for the metaverse.

One thing that could drive this form factor to a more appealing product for consumer adoption is smaller displays. An example of companies that have the potential to enable such products could be Trilite Technologies. It received $8 million in funding last year, with investors including Hermann Hauser, best known for co-founding the company that became Arm. Hauser said last year, “Trilite’s tiny displays are set to be a game-changer for AR/MR glasses since they’ll be as lightweight as today’s eyewear, and this is sure to finally drive mass adoption of AR/MR in the consumer market.” Indeed, he believes that many more people will be able to experience AR through AR glasses within the next decade. The key to the breakthrough enabling this is a downsizing of the technology.

The CWIC conference underlined the art of the possible as a result of the convergence of the many technologies that are being developed today. It also highlighted the implications of this hyperconnectivity in more areas than we’ve explored in this article. But it is clear that if we’re connected almost all the time, that increases our risk levels in terms of privacy and staying secure. We’d certainly need to look at things like continuous authentication, but also the consequences of adding more silicon for enabling this, especially from the power consumption and heat dissipation perspective. Ultimately, the more we connect, the more solutions we’ll need to enable security.

This article was originally published on EE Times Europe.

Nitin Dahad is the Editor-in-Chief of embedded.com, and a correspondent for EE Times, and EE Times Europe. Since starting his career in the electronics industry in 1985, he’s had many different roles: from engineer to journalist, and from entrepreneur to startup mentor and government advisor. He was part of the startup team that launched 32-bit microprocessor company ARC International in the US in the late 1990s and took it public, and co-founder of The Chilli, which influenced much of the tech startup scene in the early 2000s. He’s also worked with many of the big names—including National Semiconductor, GEC Plessey Semiconductors, Dialog Semiconductor and Marconi Instruments.