Identity in the Metaverse

In the real world, we don’t have name tags floating over our heads.

In the real world, we don’t have name tags floating over our heads.The metaverse shouldn’t be any different. The exchange of information like a name (whether real or made up), a place of work, or a city of origin, has to be something that is up to you. Giving your name is an important part of the basic exchange of trust that often begins with a handshake… “Hi, my name is Philip”. It is important that we control the decision as to when and with whom we do it. There are unusual cases where we have those names on stickers on our chest or hanging around our necks, but in general we don’t. Most of the time we don’t want to be identified until we are ready. On the flip side, once we are ready to be identified, we often need a secure way of doing it, like a passport or driver’s license.

A ‘metaverse’ of connected internet servers run by different people and containing different parts of the virtual world poses an additional challenge: Not only do you need to have the choice when and to whom to disclose parts of your identity, you also cannot always trust the particular server you are ‘inside’ with different aspects of your identity. This is similar to visiting a new website and being unwilling to give credit card information, or unwilling to login using Twitter or Facebook, until you understand and trust the site.

Our design with High Fidelity is the one that seems like the best solution to meet these goals: Operators of different virtual world servers (we call these ‘domains’) can decide on the level of identity security with which they wish to challenge people arriving at their locations. This can range from nothing (meaning that disclosure of identity information is totally up to you), to a requirement akin to cookies on websites (I want a token that I can use to identify you the next time you login here, but I don’t need to know who you really are), or finally a request for unambiguous identity information (I want to know your real name to allow you to login here).

To make this possible, High Fidelity will run a global service that lets you optionally store and validate identity information (such as your true RL name, a unique avatar name, or proof of connection to other identity services like Twitter or Facebook), and then also lets you selectively show this information to other people in the virtual world, regardless of which location/server you are currently in. You won’t have to use it, but it will hopefully be useful for many people, and will be one of the ways that we will be able to make money as a business.

Thoughts on this direction are welcome. The details of virtual world identity are something that will need to be examined and scrutinized in a suitably open forum, in the same way that we have together made things like SSL and OAuth work for the web. We’ll look for ways to organize these events and discussions as things develop.