Immersive technologies, including augmented and virtual reality (AR & VR) devices, have enhanced digital communication along with a considerable increase in digital threats. Thus, authentication becomes critical in AR & VR technology, particularly in shared spaces. In this paper, we propose applying the ZeTA protocol that allows secure authentication even in shared spaces for the AR & VR context. We explain how it can be used with the available interaction methods provided by Head-Mounted Displays. In future work, our research goal is to evaluate different designs of ZeTA (e.g., interaction modes) concerning their usability and users' risk perception regarding their security -while using a crosscultural approach.
IntroductionNew-age technologies help to connect people despite geographical constraints. However, such technological evolution brings new risks. Augmented and virtual reality (AR & VR) are such technologies that have expanded considerably and are projected to reach $114 billion and $65 billion, respectively, by 2021 [44]. AR & VR systems like the Oculus and Google Glass increasingly promise to provide social activities like interactive gaming, virtual shopping, or attending virtual meetings [46]. Many of these activities happen in so-called shared spaces, i.e., places not strictly public, but where multiple people are present at the same time [22]. However, these technologies also introduce new security challenges in AR & VR [24], including authentication challenges. Nowadays, authentication on AR & VR systems is neglected or carried out on the smartphone or PC [6]. Yet, if authentication is required during a VR experience, e.g., paying for a product