Security Expert On Amazon One – Palm Scanner Launched For ‘Secure’ Payments

Amazon has announced a new payment system for real-world shops which uses a simple wave of the hand. Its new Amazon One scanner registers an image of the user’s palm, letting them pay by hovering their hand in mid-air “for about a second or so”, it says.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Tim Mackey
Tim Mackey , Principal Security Strategist, Synopsys CyRC (Cybersecurity Research Center)
InfoSec Expert
October 4, 2020 2:18 pm

Biometric based user identification is nothing new. In recent years programs like CLEAR in the US incorporate biometrics to identify airline passengers and programs like Global Entry offer the similar functionality for US passport control. Extending this capability to payment systems is a logical step, but one where participation should be voluntary. Malicious groups know that health and biometric data isn’t easily replaced making it a prime target for any attack. This means that any biometric-based payment system needs to address the question of data compromise within its design and ensure that software designs are kept current with the threat prevailing landscape. After all, as software designs age, implementation decisions that were once thought “best practice” can show their age and become exploitable.

Last edited 2 years ago by Tim Mackey
1
0
Would love your thoughts, please comment.x
()
x