There has already been research, though, into attacks that trick vein-based authentication, as well as work on the limitations of fingerprint scanners that assess surface finger features. Researchers have also found ways to get around efforts to ensure that biometric scanners will only authenticate living people. The more ubiquitous palm scanners become, the more researchers and bad actors will investigate their security features and the more readily people will put out their palms.
“I’m worried that people could read your palm vein pattern in other ways and construct an analog. It’s only a matter of time,” says Joseph Lorenzo Hall, a longtime security and privacy researcher and a senior vice president at the nonprofit Internet Society.
Additionally, while companies like Apple and Samsung have brought biometric fingerprint and face scanners to the masses by making sure the data never leaves the device, Amazon One takes the opposite approach. Kumar writes that “palm images are never stored” on Amazon One itself. Instead they are encrypted and sent to a special high security area of Amazon’s cloud to be converted into “palm signatures” based on the unique and distinctive features of a user’s hand. Then the service compares that signature to the one on file in each user’s account and returns a match or no match answer back down to the device.
It makes sense that Amazon doesn’t want to store databases of people’s palm data locally on publicly accessible machines that could be manipulated. But the system could perhaps have been set up to generate a palm signature locally, delete the image of a person’s hand, and send only the encrypted signature on for analysis. The fact that all of those palm images will be going for cloud processing creates a single point of failure.
“Both the home drone and the palm payment are going to rely heavily on the cloud and on the security provided by that cloud storage,” the Internet Society’s Hall says. “That’s worrying because it means all the risks—rogue employees, government data requests, data breach, secondary uses—associated with data collection on the server-side could be possible. I’m much more comfortable having a biometric template stored locally rather than on a server where it might be exfiltrated.”
An Amazon spokesperson told WIRED, “We are confident that the cloud is highly secure. In addition, Amazon One palm data is stored separately from other personal identifiers, and is uniquely encrypted with its own keys in a secure zone in the cloud.”
Privacy advocates note, though, that all of this focus on security and data protection belies a larger question about where digital surveillance technologies can lead when they are normalized and become ubiquitous.
“Amazon is throwing terrifying spaghetti at the wall,” says Evan Greer, deputy director of the digital rights group Fight for the Future. “In the process they’re gleaning valuable data about what we will and won’t accept. It seems like it’s more about stress-testing our tolerance for surveillance in the name of convenience.”
Greer points out that numerous Amazon surveillance technologies have had privacy consequences the company apparently didn’t foresee. For example, unbeknownst to customers, Amazon used third-party human reviewers to listen back to audio snippets of people talking to their Echo speakers and other Alexa-enabled products in their homes. Ring doorbell cameras have repeatedly come under fire for both security issues and Amazon’s opt-in programs to share neighborhood doorbell footage with law enforcement. The company had to impose a yearlong ban on law enforcement using its facial recognition platform Rekognition after criticism and protests about the service’s accuracy and reliability.
Source: Amazon’s Latest Gimmicks Are Pushing the Limits of Privacy
By Lily Hay Newman
Techylawyer and its authors do not claim to have written this article, we acknowledge the works of the original author