Amazon One – Palm recognition for Amazon Go (opens in new tab)

I think they are saying that humans cannot associate palm prints to an individual, unlike face (or even eyes in certain cases). It's just security by obscurity kind of thing but yes, not very convincing argument for privacy.

They don't identify you. They read your future.

The wording of that is odd.

But my guess is, your face could be identified wether or not you are using this particular system. But your palm only works after the system does the scan of you so you have to specifically opt in to use it.

I think it means that they are using some 3d representation of a palm that a (single) 2d image won't capture (unlike a fingerprint). Maybe they use video (gesture was mentioned) or maybe something like lidar.

We should read the opposite of what they're saying to be true: they already have our fingerprints, and they want the rest of our hands.

My guess is that they meant that a person couldn't determine someone's identity, unlike with, say, facial recognition.

Yeah, I was confused at this statement too.

Perhaps using some electrical or acoustic properties? They're very cagey about how it works, so I doubt it is just a camera.

> Q: What is the device actually scanning when it creates my unique palm signature? > > A: the technology evaluates multiple aspects of your palm

Ok then.

Is it possible they are saying that you can’t uniquely identify a person in the population at large based on palm, but you can in a smaller population of people such as registered Amazon go users or ticket holders for a venue?

On an iPhone, biometric is being treated as a password where the expectation is that no one but you could open it. For Amazon go, it is just an identifier to a user

Plus a data dump of uuids and palms might not be useful information. Maybe there is a effectively a way to hash the raw palm data since this is just effectively a user look up

This is pure speculation

here's a famous video on how it can be hacked easily (example: Fujitsu PalmSecure) https://www.youtube.com/watch?v=FsZE6fyF26U

The camera is just one of many signals, some of which do change over time

This is an important aspect. People are not aware how big the difference of this is to the usual account name and password. If you want to start over and register a new account, you can have that. Not with this technology. And with the amount of data which Amazon vacuums up, there are totally legitimate reasons for this. Let's say, just as an example, that your girlfriend has bipolar disorder and you order and read a couple of books from Amazon how to cope with that, and how to help her. Fast-forward ten years. She has overcome the illness with good medication, and became your wife, or maybe you have parted ways and live in different states. This is past. But Amazon still has that information about you - a very sensitive kind of information. Maybe if this data is sold to an insurance company, she won't get health insurance. Now, closing your account and starting a new one is an option to handle, even in a limited way, that toxic data waste which is laying around.

Irreversibly tying accounts to biometric identities is a very powerful thing which can easily be abused. Think of Salman Rushdi, the Iranian writer which became target of a religios fatwa and was basically advertised to be murdered. He somehow managed to disappear. But that was years ago. In todays world with Facebook everywhere and your social graph being a different kind of fingerprint, you'd need to axe-murder your whole family and friends to get rid of that social graph which identifies you, whatever name and picture you use. AS no normal human being will do that, it has become basically impossible to disappear. And, having lived in Colombia, South America, I've known many decent and nice people who just had to disappear only in order to protect their life. This is dangerous technology.

That's just not true. By definition all our identities are basically linked to a biometric, namely our face.

If you walk into your bank and want to withdraw a large sum from your account, someone at the counter looks at your face and a shitty small photo taken from you either on their system or on your passport to determine if there is a "face match".

A proper technological solution to the current more insecure human verification process of your biometric is only an improvement, not a horrible idea as you suggest.

Also, Amazon (and any involved subcontractors) now have access to your palm, with the possibility of accessing any other system authorized by it.

We tell users not to re-use their passwords, but the same goes for fingerprints too.

You don't need an accident. I was on chemo earlier this year, and I had to re-register my fingerprints both on my phone and on my laptop.

I minorly burned my finger on a toaster oven below my fingerprint line and still had to reregister my finger due to skin growth.

I'm waiting for fake palm gloves. I'm sure such things already exist for finger prints.

And, what also needs to be pointed out: It is, functionally, a user name. Not a password.

Why not offer both?

You can already enter these stores using your phone.

> tied to the device and not let leak out

there are laws against facial recognition (https://www.msn.com/en-us/news/us/portland-becomes-the-first...)

how is palm recognition different from facial, aside from scanner proximity?

There's also this gem in the FAQs:

> If I decide I don’t want to use Amazon One any more after signing up, can I delete my biometric data?

> Yes, you can request to delete data associated with Amazon One through the device itself or via the online customer portal at one.amazon.com. We believe customers should always be in complete control of when and where they use the service, and we designed Amazon One with this in mind.

Maybe I'm paranoid, but that FAQ feels like it was worded by Orwellian doublespeak experts:

- you can "request" (thank you for granting us permission to make a request of you)

- data associated with Amazon one (all the data or only certain data? Do you keep data that's not associated with an account but maybe still associated with my identity?)

Also, what about false identifications?

With Face/TouchId it’s authentication, not identification (as there’s only one identity associated with the device).

What’s the fallback here for “twin palms”?

I guess those unlucky people will have to swipe in using traditional methods?

This is the door you didn't hope was opened? So many other more terrible doors are open. Not saying this is great. But look at what social media is doing to the social fabric. This is just shopping.

X and One fall in this category. They sound cool and could be any Amazon product under the sun. The problem though is the next iteration ie X2, X3 etc sound fine but One 2 sounds weird

I had initially read your comment as "marketing people are having a bad day and want to just be one with the naming discussion"

From the FAQ, it seems like this is not as invasive as fingerprints:

"We selected palm recognition for a few important reasons. One reason was that palm recognition is considered more private than some biometric alternatives because you can’t determine a person’s identity by looking at an image of their palm."

One imagines once Amazon starts cataloguing palms, quite a few government and law enforcement agencies will suddenly tend to have quite a lot of images of palms!

I expect they were trying to contrast with face recognition, though.

At a guess they are probably saying that a human when looking at a picture of a palm would not be able to tell you who it is, unlike a picture of someone that includes their face or body. Seems a bit of a pointless distinction as the Amazon Go stores heavily rely on cameras to track people when in store.

They're being intentionally vague. Their argument is that they're only mapping from palm to credit card number and mobile phone number, which isn't the same thing as mapping from palm to real identity name (unless you also link to your Amazon account). Which belies the fact that it's much easier to map from a credit card number or mobile phone number to a real identity name.

Sounds like palm prints are even easier to harvest from public figures than fingerprints. Take a photo at a speech, you can likely make a silicone mold replicating their palm, and you get to shop for groceries with their card.

What I think is interesting is that I suspect they’ll eagerly license this to competitor stores. A palm reader does not turn your local Safeway into Amazon Go, and they know that.

Having a slice of every point of sale could be huge; imagine how much better this is than having to use FaceID during a pandemic. (Tap tap, pin, pin, tap is a LOT more friction than “hover.”)

I’d pay for it if I ran a retail store. I wonder if Amazon will ever compete with Visa or other payment providers.

Like suddenly demanding you register a credit card with them when you have perfectly fine working other payment methods.

Were those dining hall scanners using a palm-on-glass technology, or mid-air like what Amazon is showing?

that's a cynical way of thinking. applying something in a new area is innovative. For example, the iphone was a mobile phone + mp3 player + ... none of that stuff was new, but yet the iphone was incredibly innovative.

this helps streamline a process. one of the annoyances at go stores was waiting for someone to pull out their phone, open the app, and scan. I was like if you dont have your phone out already, step aside until you do, but at least this solves part of that issue.

also the dinning hall situation was probably a simpler environment with not as many negative consequences if a person got accepted into the hall.

A big thing though is how cheap they can make this. The Idemia one seems a lot more expensive. Driving down costs on existing technology is innovation. (Although who knows how much this actually costs to amazon)

Or we could (radical idea here) not use biometrics. I don't mean to be dismissive, but what advantage does this provide over opening a web site and hitting "pay" or maybe some sort of NFC tap? This looks like biometrics for the sake of being cool and flashy, which is not a trade-off I'm willing to make.

Do you really think this is a photo of your palm they're storing?

No doubt there are 3D scanners (to map the elevation of your palms, the depth of the lines, etc.), infrared imaging and a slew of other minor sensors. To make this fast, they need to effectively correlate enough of the data to identify you without relying solely on a single thing.

The photo of your palms out doesn't include an image of your veins because it wasn't taken with an infrared camera.

It's not the first question addressed in the FAQ, but there is this answer:

"Yes, you can request to delete data associated with Amazon One through the device itself or via the online customer portal at one.amazon.com. We believe customers should always be in complete control of when and where they use the service, and we designed Amazon One with this in mind."

Perhaps, as the sibling comment suggests, this was an architectural decision made based on the requirements for operating in the EU.

Under the GDPR in EU or the DPA2018 in the UK you can request your data to be erased, corrected or you can grant limited access to your data.

You also have the right to request that a decision to not be made solely using automated means. This is a good introductory article

https://www.which.co.uk/consumer-rights/advice/how-do-i-make...

Too bad most of these companies operate based on the US legislation which doesn't grant the same consumer rights.

I recently attended a scientific conference on biometrics (I'm not from the field) and it was shocking to learn about all that stuff, both what's going on in the research community as well as on the law makers' side of things.

Usually this happens because a totally different departments runs the marketing site, and it's just easier to have their own deployment than integrate to the main site. In some cases it's a hosted CMS.

Another reason is for cookie management. This way your cookies aren't sent to the marketing site.

I'm not sure why Amazon does it though, as I think they're big enough to run their own CMS and therefore the cookie thing isn't really an issue.

If a page hosted on amazon.com has security vulnerabilities, users real amazon accounts are at risk because of same-origin policy etc. Putting a page on a different domain eliminates this risk.

Another reason is for branding. Using aboutamazon.com for PR fluff keeps amazon.com reserved for their actual consumer products.

Yeah, but that's just simply inconvenient. When you look at a copyrighted building or hear a copyrighted song, you need a quick and integrated way to debit the royalties from your crypto wallet. How did folks do that in 2020? Did you have to enter your credit card details in hundreds of websites before leaving the house each day?

5) Are there any anti-spoofing measures already out there? It sounds like if there are, they can be easily bypassed...

FTA: It’s contactless.

To me this is creepy. I am sure to "evolve" my thinking on it, but:

I might consider cutting an artificial hand off a silicone doll and registering its hand print.

Carrying a necklace of dismembered hands might creep out the store attendees & shoppers though.

Well, it's not like they're literally requiring users to take a mark in their right hand.

They're just feeling left out - everyone else has a product called "One". The next version will be called the Amazon One X 360 Series X.