top of page


"blogger, InfoSec specialist, super hero ... and all round good guy" 



Does Virtual Reality Create New Security Threats?

For many years, virtual reality was something from science fiction movies. It was something that might be possible in the future, but it has already arrived. The pace of technology has moved so quickly in the past few years that there are many things that for a while were just in our imaginations.

Uses For Virtual Reality

The most obvious of all the possible uses of this technology is in the entertainment world. Its biggest impact has been on playing games, and casinos have been an eager earlier adopter of the technology, and now there are virtual reality cafes opening all over the world. Tournaments with big prize money are becoming the norm, as well as local leagues and teams that play against each other.

It is also being used by people in their own homes when they play on their smartphones or tablets. Some online casinos use it for virtual games of poker, for instance, which means that, from a player's point of view, they could be sitting around the table with people from all over the world. The same casinos also offer incentives through sites like Oddschecker to get new players on board. This is not what players always expect and, for most of them, it is a pleasant surprise. It is also being used by some gaming console manufacturers to enhance the games their users play.

Within the film industry, it is becoming a more popular tool, and now there is no doubt that soon it will be put to use by the companies that make the TV programs.

Move away from entertainment and one of the other professions to benefit from virtual reality is the medical profession. Someone who wants to be a brain surgeon, for example, can now carry out a full procedure without actually touching a live patient. Their tutors can watch from anywhere they want and instruct them as they work through the operation.

Is Virtual Reality Secure?

The rate at which virtual reality is expanding into so many different areas is far faster than anyone could have thought. In 2016, about $3.9 billion was spent on this new technology and it is expected that the market will reach $108 billion by 2021.

For many years, when most applications were running on desktops or laptops, the data collection capabilities of online services was limited to browsing habits and interactions with user interfaces. This changed with the explosion of mobile devices and suddenly they had the technology to track locations and movements. Wearables gave them even more information such as samples of your voice and health data.

Virtual reality headsets go one step further by collecting information about your head and eye movements. They all record how you react to different visual content. There is no doubt that as the technology continues to progress, the more capable virtual reality will become when it is relating to collecting information about the user.

'Data Man' - Damiean Gadal via Flickr (CC BY 2.0)

The concern is, how secure will the data these big companies collect about you be? Just like all other companies that collect personal data, they will have to be open and transparent about how they mine, store and handle the information, and whether it is being passed on to any third parties. They also need to be certain they can protect the data on their own servers.

Data with AI can be a huge advantage, as it has already done so in the fight against cancer. The problems come when the data ends up in the wrong hands because it can also be used for evil purposes as well. Securing user information is already a big concern for the likes of Google, Facebook, and Amazon. With virtual reality, the potential security risks are much worse.

Identity Theft

Identity theft already happens on a large scale, but virtual reality makes it even easier. VR products are going to want basic information such as name, phone number date of birth and email. Some will want credit or debit card details and others will want to link to social media accounts. Already there is all the information need to steal an identity, and to some extent, the risk will be down to how much information users are prepared to divulge.

What needs to be remembered is that the information is never solely in the hands of the company you are buying from. How many people do you think bother to read the lengthy terms and conditions that in the small print say the data may be sold to a third party? Most people find it too onerous a task and just agree without even looking closely at all.

Social media platforms are becoming involved in virtual reality, and the overlapping of the two seems inevitable. Even using a VR headset at home is not totally secure. Data about whatever you are playing or watching can be recorded and sold, just like it can be from our smartphones and other devices.

'Oculus Rift Driver' - Nan Palmero vis Flickr (CC BY 2.0)

Hacking a VR Headset

Although there have not yet been any reported cases, there is the potential for the hackers to get into your VR headset while you are in the comfort of your own home. The problem then is that they would not be too interested in selling your data to a third party. They are more likely to be stealing your card details for future use.

There is also the potential for government agencies to use the same methods as the hackers. It is no secret that people like the FBI, CIA, and NSA are constantly on the lookout for new ways of collecting data, and virtual reality could be their next step.

If we go back to our original question about whether virtual reality is secure, it is probably not more insecure than all the other online devices that are in use today. It is not the type of technology that is the problem, but the way the one innovations are used, which unfortunately are not always for good.


Commenting has been turned off.
bottom of page