Reports: Amazon One raises palmprint biometric privacy, opacity concerns

Occurred: August 2021

Amazon One, a service that allows customers to pay using their handprint, was accused of using sensitive personal data to improve its system. 

The system uses a palm scanner to register an image of the user’s palm, allowing them to pay by hovering their hand over a sensor in Amazon checkout-free stores. 

Despite promising to secure biometric data using encryption, data isolation and secure zones, Amazon came under fire for allegedly using an unspecified sub-set of anonymous palm data to improve its system, raising concerns about unstated potential commercial and other uses.

By linking a customer's palm print to their Amazon account, the company could use the data it collected, like shopping history, to target ads, offers and recommendations over time, according to TechCrunch.

The controversy prompted US lawmakers to write to Amazon CEO Andy Jassy expressed privacy and competition concerns over Amazon One, and asked the company to provide information about how it keeps users’ data safe. 

August 2021. Amazon’s decision to offer a USD 10 credit for new users who enrolled their palm prints in the programme was criticised by privacy advocates who saw it as a tactic to coerce people into handing over sensitive personal data.

Operator: Amazon
Developer: Amazon  
Country: USA
Sector: Technology
Purpose: Verify identity; Authorise transactions
Technology: Palm print scanning
Issue: Privacy; Dual/multi-use
Transparency: Governance

Page info
Type: Incident
Published: January 2022