As August settled in, Amazon, in a marketing stance, came out with an offer of $10 in credit for customers willing to enroll their biometric data in the company’s palm print recognition system, Amazon One.
In September 2020, Amazon launched Amazon One, pitting it as an easy way to pay in the company’s stores and a future identity service to be used by other venues and businesses.
The process is like a breeze where users position their hand over the company’s scanners, which recognize their unique palm print based on its patterns of lines, ridges, and veins. However, lack of clarity on the whole thing as it commenced has left the security brigade fuming.
Amazon plans to use the recorded biometric information to verify payments in stores and lieu of entrance tickets and the like. Amazon One is currently available in 50 US locations, including Whole Food stores and Amazon Go shops.
US senators left red-faced over security concerns
Three US senators, including Democrat Amy Klobuchar, who chairs the Senate Judiciary Committee’s antitrust panel, wrote a letter to Amazon.com to express concern about its palm print recognition system, Klobuchar’s office said on August 13.
“Amazon’s expansion of biometric data collection through Amazon One raises serious questions about Amazon’s plans for this data and its respect for user privacy, including about how Amazon may use the data for advertising and tracking purposes,” the senators wrote in the letter sent Thursday, noting that previous leaks and hacks have exposed Amazon users’ data.
The senators in their letter made it clear that besides the security concerns, they are also wary about the misuse of biometric data collected for Amazon One by the company itself.
They showed concerns over Amazon quelling competition in the market by capitalizing on customers’ buying behavior recorded through biometric authentication each time they shop as Amazon plans to provide its technology to third parties.
The US senator trio has asked Amazon to share information by August 26 about how many users have signed up for Amazon One, the company’s data collection and security practices and the sale of the technology to third parties.
Pay-by-Palm plan presents security concerns
Vir V. Phoha, Professor of electrical engineering and computer science, Syracuse University, believes that privacy and security will be an issue because there is a lot of overlap in the structure of hands of different people, so this biometric is easy to spoof.
Identity theft may be a bigger problem than a face biometric as it will be easy to spoof or claim an individual’s identity. It can be a concern if the palm biometric is linked to credit cards and the information is stored on the Cloud. And the Cloud is under the control of Amazon.
He adds, there is a lot of overlap in the structure of hands of different people, so it is easy to spoof. Thus, the security of these systems is not as high as, say, a fingerprint.
Comparing facial recognition to Palm Print, he says to a large extent, palm print is similar to fingerprint because an image (picture) is taken and just a visual inspection does not identify a person (unlike face).
Algorithm matching has to be done. I feel that there are fewer chances of implicit bias because of palm print than facial recognition.