Amazon pushes biometric payments, raising surveillance and identity theft fears

Amazon is set to implement palm-scanning payments with Amazon One technology in all Whole Foods stores by year-end, sparking discussions on cybersecurity and privacy controversies.

In 2020, Amazon introduced a palm-scanning device, known as Amazon One, to its Go cashierless stores. This biometric technology enables users to make purchases at stores by placing their palms over a scanning device at the cashier.

The biometrical data of the user is linked to a saved credit card, allowing for quick, cardless payments. Beyond payments, the technology can also be used for identification, age verification, and accessing venues and buildings.

The company is pushing biometric payments forward, with airport stores, stadiums, and concert venues recently adapting the technology. Payments with Amazon One is currently available at more than 200 Whole Foods Market locations across the US.

Last week, Amazon announced its plan to expand its biometric payments network, allowing customers to pay with their palms at all Whole Foods stores by the end of the year.

Amazon One palm scanner | Source: Amazon
Amazon One palm scanner | Source: Amazon

Amazon says it’s safe

According to Amazon, a palm signature “can’t be replicated to impersonate a customer.” The scanning device does not save raw palm images to identify a person. Instead, it looks at both the palm and underlying vein structure to create a unique numerical vector representation, what the company calls a “palm signature” for identity matching.

Biometric data is saved on the AWS Cloud, which, according to the company, is backed by many cloud security tools. Amazon One users will also be able to request the deletion of their biometric data after using it, either via the device or online.

“We intentionally architected the Amazon One service to store all highly sensitive biometric data off-device in a highly secure, isolated, and purpose-built cloud storage environment. Additionally, access controls are enforced and audited on both the data repository and the key management system. This ensures that, once collected, biometric data is transient and never persists on a device. Palm data that is provided to Amazon One is stored separately from other Amazon consumer data,” wrote the company.

Image from Shutterstock
Image from Shutterstock

Privacy concerns since launch

Privacy concerns have surrounded Amazon One's technology since its launch. In 2021, shortly after the technology's introduction, a group of US senators urged Amazon to disclose further details about its intentions concerning customer biometrics. The lawmakers expressed concerns about the usage of user data, particularly regarding its potential for advertising and tracking purposes.

Reportedly, Amazon is confronting a class action lawsuit for allegedly not providing adequate notice under an NYC biometric surveillance law, specifically concerning the usage of its Amazon One readers at Amazon Go stores.

Denver Arts and Venues had initially intended to use Amazon One for ticketless entry at its Red Rocks Amphitheater. Still, they decided to cut ties with the company due to privacy concerns after the release of an activists’ open letter that called the technology “the newest manifestation of Amazon’s surveillance technology obsession.”

The open letter, hosted on “,” is signed by human rights groups and numerous artists and expresses concerns that Amazon can share the gathered data with governmental institutions.

Law enforcement could crosscheck the data collected from scanners with the data in immigration or police databases, enhancing means of surveillance. Also, data could be stolen from the cloud by hackers.

Biometric authentication is risky

Eduardo Azanza, CEO and Co-Founder at the digital verification company Veridas, told Cybernews that Amazon’s introduction of palm-scanning is a step towards the future of a single digital identity. However, the use of palm scanning has some limitations when it comes to security.

“The use of palm-scanning is often standardized to allow for seamless integration across different vectors. This ease of operation inherently raises the risk of compromised privacy and unauthorized data sharing due to interoperability and personal data extraction. This could lead to individuals’ data being used in unintended ways or by third-party services without the consent of the customer,” Azanza said.

He adds that facial recognition is a more secure solution in this case, as facial biometrics don’t allow reverse engineering of facial images. Because it’s not interoperable with images produced by other systems, facial recognition data is safer and reduces the chances of misuse.

“There are growing conversations around whether relying solely on biometrics is sufficient for proper identification and authentication. Some suggest that multi-factor authentication (MFA), such as the conjunction of two biometric traits, may add a layer of protection and eliminate this risk.”