Before we answer the question, let us define the general concept of augmented reality and see how it works.
AR applications place visuals – 2D/3D pictures and animations – on top of a camera feed or an AR marker (a set of geometric shapes which can be interpreted by an augmented reality browser) to enhance user experience.
Technically, the process is carried out in three stages:
With multiple AR platforms, the technology implementation doesn’t require great experience in computing. Among the most popular platforms one should name Layar (over 1.5 million users and 9 thousand third-party developers), Wikitude (13 million users and 30 thousand vendors) and Junaio (20 million users and approximately 20 thousand developers).
Augmented reality insecurities are predetermined by AR infrastructure. Since the majority of Web and mobile apps fail to support augmented functionality, custom software developers have taken a brand-new approach towards application design.
The crucial elements of augmented reality architecture include browsers, channels and servers. Just like ordinary Web browsers, AR gateways extract and display website content. They also allow AR channels (applications) to access sensors, create graphic objects and integrate visuals into user environment.
Top 4 reasons for AR vulnerability:
Augmented Reality: cyberthreats & ways to improve security
AR solutions can be developed with the help of specialized (Junaio, Wikitude, Layar, etc.) or regular (iOS, Android) SDKs. Scholars from University of Texas conducted an independent research to analyze security defects common for AR browsers and came up with possible solutions.
Hackers that monitor browser-to-server communication can retrieve not only the images but also GPS data. As of now, AR servers do not implement strong security protocols to protect user information. Also, there’s a lack of interoperability between augmented reality components, so direct browser-to-server communication is hard to establish.
AR security issue needs to be solved
By 2017, the number of AR applications downloaded on to smartphones and tablets will reach 2.5 billion. The technology is already implemented in healthcare (Google Glass and AccuVein), education (Boeing training programs), banking (ATM locator solutions developed by Royal Bank of Canada), retail (Lego X, IKEA AR app, Shoe Sampler by Converse) and smart home systems (LG’s Hom-Bot Turbo+ vacuum cleaner).
What does it mean? Basically, third-party apps access your personal data, including precise location, Wi-Fi passwords and credit card numbers. Augmented reality is closely related to the Internet of Things. The first IoT malware was detected over 2 years ago, and there have been several IoT cyber-attacks, including the spamming fridge and hacked baby monitor.
Let’s face it: there are no universally approved security standards for IoT and augmented reality – at least, not yet. You don’t have to worry, though. AR’s market appeal is too impressive for vendors to neglect the security issue. Stay tuned for latest augmented reality news!