AWS (Amazon Web Services), Amazon’s cloud computing subsidiary, has unveiled a new palm-scanning identity service for authenticating individuals entering physical premises.
The announcement is part of AWS’s annual Re:Invent conference in Las Vegas this week.
Amazon One Enterprise, as the new service is called, builds on the existing Amazon One offering introduced in 2020 for biometric payments in Amazon’s cashierless stores. Visitors to Amazon Go stores can link their payment card with their palm-print, enabling entry and transactions by scanning their hand.
Despite initial concerns over Amazon’s management of biometric data, the company has expanded the technology to incentivize customers, extended it to Whole Foods stores, and formed partnerships with other retailers.
Given Amazon’s position in the enterprise software stack and dominance in the cloud infrastructure market, Amazon One Enterprise is a natural extension for this technology. Companies are still seeking in-office presence, and with Amazon One Enterprise, they can deploy contactless authentication devices in various locations such as office foyers, universities, and airports.
Furthermore, the technology can control access to restricted software, potentially replacing multiple forms of identification like badges, fobs, and passwords.
Companies can choose from two scanning devices for Amazon One Enterprise—a standalone unit for embedding at entry points or a pedestal-mounted device. Employees enroll in Amazon One Enterprise using their physical badge and associate their palm-print during the enrollment phase.
Amazon emphasizes that its enterprise palm-scanning service is separate from the consumer system for retail authentication with enhanced data privacy.
Enrollment at an enterprise does not allow palm-based payments at Whole Foods Market or other Amazon One-enabled locations, ensuring strong data isolation and security. The user’s palm-print and badge ID are stored on AWS Cloud and can be deleted through an Amazon One enrollment device. Data is also automatically deleted if not interacted with for two years.
Amazon One Enterprise is currently available in preview for U.S. customers.