Earlier this week, Amazon unveiled Amazon One – a new technology for its Amazon Go stores that allows shoppers to pay for their groceries by scanning the palm of their hand. By analyzing the shape of your hand and the unique configuration of the veins under the skin, Amazon says its technology can verify your identity in the same way as facial recognition.
While Amazon One will initially only be used for payments, it’s clear that the tech giant has much bigger ambitions for this hardware. In the future, he says, Amazon One could not only be used for shopping, but as a substitute for tickets to music and sporting events and as an alternative to the office key card, allowing you to scan with a touch of your hand. In other words, Amazon One is not a payment technology. It̵
Understandably, some experts are skeptical of Amazon’s convenience claims and worry that a company with an uneven privacy track record becomes the controller of a new identity standard. Whether it’s Amazon’s use of partisan facial recognition algorithms or its ambitions to grow a home surveillance camera network, this is an organization that has proven many times that individual privacy isn’t always its primary. concern. Is it a good idea if Amazon knows exactly who you are from the palm of your hand?
Let’s start by looking at the technology itself, which is thankfully simple. Handheld scanning has been around for years, and while Amazon doesn’t offer many details on their implementation, it appears to be similar to the examples of the technology we’ve seen before.
As the company explains on its FAQ page, Amazon One hardware verifies a user’s identity by looking at “the tiny features of the palm of the hand, both surface details like lines and ridges, and subcutaneous features such as veins”. Usually, vein scanning is done using infrared light that penetrates the surface layers of the skin, although Amazon doesn’t specifically mention this technology. It says anyone can sign up for Amazon One by inserting a credit card into one of its scanners and registering one or both palms. The scanners can then identify someone “in seconds” without skin contact. (A bonus during a pandemic, but not cleaner or faster than using many contactless credit cards.)
From a security point of view, palm scanning has some key advantages over other biometric data. First, the information used to identify you is not easily observable, unlike the face or ear print. Fingerprints can also be detected by objects touched or photographed from a distance. It is much harder, in comparison, to take a picture of someone’s hand and use it to fake their veins.
“All the other biometric data that is becoming common – face, fingerprint, iris – is all quite observable and visible from the outside,” said Elizabeth Renieris, a law and policy researcher who focuses on data governance and rights. humans. The Verge. “There is definitely something to be said about advanced security [of palm scanning]. “
Likewise, the information gathered during a palm scan makes it easier to incorporate a life test: to verify that you have a real, living person in front of you. For these reasons, palm or vein recognition is sometimes claimed to be the most accurate and secure of all common biometric data, although the statistics depend on how the technology is implemented. It’s also worth noting that palm scanning is certainly not foolproof, and hackers have proven in the past that they can create fake hands that can fool some scanners.
Do you want your palm stored in the cloud?
There is another big difference between Amazon One and other biometric systems that you may be used to, and that is that Amazon will keep its palm data in the cloud. People have long been concerned about this type of personal data collection, but it is surprising that it is Amazon that is now trying to make it happen.
As Reuben Binns, an associate professor specializing in data protection at the University of Oxford, explained The Verge, cloud storage is inherent in the system Amazon is building. “For this kind of use case it’s hard to do anything other than having [that data] in the cloud, “he says.” Whether it’s a good idea or not is another question. ”
From Amazon’s perspective, it means that it will have to pay particular attention to how it stores and collects data. Biometric information is protected in a way that other data is not, by EU GDPR regulations and some state-level laws in the United States. It is unclear, for example, how Amazon One will work with regulations such as the Illinois Biometric Information Privacy Act (BIPA), which requires companies to obtain informed consent before collecting biometric data. (Amazon appears to recognize this in its copy for its palm scanning technology and says presenting the palm to a scanner “requires intentional action” on the part of the customer.)
Binns contrasts Amazon One with technology like Apple’s Face ID, which uses facial recognition data to unlock the phone and verify payments but retains the biometric data on the device. By keeping your data in the cloud, you expose it to hackers and potentially make it more accessible to interested third parties, such as governments.
But Binns points out that Amazon One also makes the same basic trade-off as any biometric authentication system: Do you want to create a password that is part of your body?
“The advantage is that it’s always up to you, it’s not something you can lose, but it’s also a disadvantage because you can never change it,” says Binns. “You can never change the palm of your hand the way you change your password or other identification token.” And while this might be acceptable for high-risk scenarios – like using facial recognition to verify who you are with the government of a border country – Binns says it seems inappropriate for something like shopping, especially when equally affordable alternatives already exist.
“It seems to me the wrong compromise between persistence [of data] and the level of security you actually need for some of these use cases, “he says.
Beyond the payments
If Amazon One is too much for shopping, what’s the company’s real end game?
It’s hard to guess, simply because the Amazon One could be used in so many different uses. But why I would not Does a company like Amazon want to be responsible for an ID and payments infrastructure used in stores, stadiums and offices? Amazon One is only about to launch in a couple of the company’s Amazon Go stores in Seattle, but the company is pitching the technology to anyone interested, promising that if they adopt Amazon One, they can offer their customers “seamless service. faster payments, and a personalized experience. “If the service takes off, you might imagine handheld verification being incorporated not only in shops and offices, but also in smart homes, theme parks, airports, and anywhere else you have to verify that you are who you say you are.
Frederike Kaltheuner, a technology policy analyst and colleague at the Mozilla Foundation, says The Verge that this is a possible motivation for Amazon: filling the gaps in its data empire, particularly in the physical retail space. If he can better track what people are buying and spending on, he can better target them with new products on Amazon.com.
“There’s a missing link in the type of data they have if I go to a store,” says Kaltheuner. Note that there are many data brokers who already gather information on shopping habits from things like loyalty cards, but if Amazon were able to collect that data on its own, it could eliminate the middleman. “When a company that already has so much data and knows so much about so many people enters a new industry, the question is, can the data be linked?” says Kaltheuner. (On the FAQ page for Amazon One, the company doesn’t say what it intends to do with any payment information it might collect from third-party stores.)
For some, however, concerns about a service like Amazon One go far beyond data collection. Renieris says what worries her about technology is how it ties who you are as a person, physically, to a history of your purchases and similar transactions.
“The closest we have now are things like Apple Wallet and Apple Pay and other device-based payment infrastructures,” says Renieris. “But I just think, philosophically and ethically, that there is extreme value in having a physical separation between your transaction infrastructure and your physical self – your personality and your body. When we combine the two … many rights based on a person’s limitations are further threatened “.
Renieris says that from a historical point of view, privacy has been based on physical spaces like your home, your documents or your belongings. But once those physical spaces bleed into the digital world, as with an identity system that is irrevocably tied to your real hands, “it becomes harder to establish and preserve those rights.”
“Your physical self is literally becoming a transactional tool,” he says.