Amazon’s physical retail team has announced a new innovation called Amazon One. Amazon One is a fast, convenient, contactless way for people to use their palm to make everyday activities like paying at a store, presenting a loyalty card, entering a location like a stadium or badging into work more effortless. The service is designed to be highly secure and uses custom-built algorithms and hardware to create a person’s unique palm signature.
Amazon will offer the technology in select Amazon Go stores, where Amazon One will be added to the store’s entry gate as a convenient choice for customers to use to enter the store to shop. In most retail environments, Amazon One could become an alternate payment or loyalty card option with a device at the checkout counter next to a traditional point of sale system.
Customers can use Amazon One as an entry option at two Amazon Go stores in Seattle. It takes less than a minute to sign up at these Amazon Go stores using an Amazon One device. The first step is to insert credit card details. Next, the customer needs to hover their palm over the device and follow the prompts to associate that card with the unique palm signature being built by Amazon’s computer vision technology in real-time. The customer will then have the option to enrol with just one palm or both. Once they are enrolled to use Amazon One to enter these Amazon Go stores, they will just hold your palm above the Amazon One device at entry for about a second or so and be on their way.
Beyond Amazon Go, Amazon expects to add Amazon One as an option in additional Amazon stores in the coming months. And, it believes Amazon One has broad applicability beyond its retail stores, so it also plans to offer the service to third parties like retailers, stadiums and office buildings so that more people can benefit from this ease and convenience in more places.
Amazon said on its blog: “We take data security and privacy seriously, and any sensitive data is treated in accordance with our long-standing policies. With this in mind, we designed Amazon One to be highly secure. For example, the Amazon One device is protected by multiple security controls and palm images are never stored on the Amazon One device. Rather, the images are encrypted and sent to a highly secure area we custom-built in the cloud where we create your palm signature.”
David Emm, Principal Security Researcher at Kaspersky, said: “The new Amazon One payment sounds very convenient: you just hold your palm above the reader and it charges your card automatically – no swiping, no PIN, nothing. But to do this, they’re taking biometric data – in this case, a palm – and storing it in the cloud correlated with payment data. Amazon says the data will be encrypted. If we want to bring on the future securely, we must ensure it’s well encrypted, because Amazon One combines identification, authentication and authorisation into a single point. If someone were to steal and decrypt the data from the cloud, they could potentially spoof someone’s identity and spend their money.”