Intelligent CISO Issue 31 | Page 60

Introducing Amazon One : A new innovation to make everyday activities effortless

Beyond Amazon Go , Amazon expects to add Amazon One as an option in additional Amazon stores in the coming months . And , it believes Amazon One has broad applicability beyond its retail stores , so it also plans to offer the service to third parties like retailers , stadiums and office buildings so that more people can benefit from this ease and convenience in more places .
intelligent PHYSICAL SECURITY
mazon ’ s physical retail

A team has announced a new innovation called Amazon One . Amazon One is a fast , convenient , contactless way for people to use their palm to make everyday activities like paying at a store , presenting a loyalty card , entering a location like a stadium or badging into work more effortless . The service is designed to be highly secure and uses custom-built algorithms and hardware to create a person ’ s unique palm signature .

Amazon will offer the technology in select Amazon Go stores , where Amazon One will be added to the store ’ s entry gate as a convenient choice for customers to use to enter the store to shop . In most retail environments , Amazon One could become an alternate payment or loyalty card option with a device at the checkout counter next to a traditional point of sale system .
Customers can use Amazon One as an entry option at two Amazon Go stores in Seattle . It takes less than a minute to sign up at these Amazon Go stores using an Amazon One device . The first step is to insert credit card details . Next ,
We take data security and privacy seriously , and any sensitive data is treated in accordance with our long-standing policies . With this in mind , we designed Amazon One to be highly secure .
the customer needs to hover their palm over the device and follow the prompts to associate that card with the unique palm signature being built by Amazon ’ s computer vision technology in real-time . The customer will then have the option to enrol with just one palm or both . Once they are enrolled to use Amazon One to enter these Amazon Go stores , they will just hold your palm above the Amazon One device at entry for about a second or so and be on their way .
Amazon said on its blog : “ We take data security and privacy seriously , and any sensitive data is treated in accordance with our long-standing policies . With this in mind , we designed Amazon One to be highly secure . For example , the Amazon One device is protected by multiple security controls and palm images are never stored on the Amazon One device . Rather , the images are encrypted and sent to a highly secure area we custombuilt in the cloud where we create your palm signature .”
David Emm , Principal Security Researcher at Kaspersky , said : “ The new Amazon One payment sounds very convenient : you just hold your palm above the reader and it charges your card automatically – no swiping , no PIN , nothing .
“ But to do this , they ’ re taking biometric data – in this case , a palm – and storing it in the cloud correlated with payment data . Amazon says the data will be encrypted . If we want to bring on the future securely , we must ensure it ’ s well encrypted , because Amazon One combines identification , authentication and authorisation into a single point . If someone were to steal and decrypt the data from the cloud , they could potentially spoof someone ’ s identity and spend their money .” u
60 Issue 31 | www . intelligentciso . com