Amazon One uses your 'palm signature' for payments and authentication [Update]

Amazon today announced a new contactless authentication device called Amazon One, and it's definitely a little weird. Instead of using something like a card with an NFC module built in, you'll instead use your palm. The device is getting a very limited roll out in two of its Amazon Go stores as an authentication option for entry, but the company sees Amazon One being used for a wide array of services in the future.

For instance, customers might use Amazon One to pay for a purchase, gain entry to a stadium without having to show a ticket stub, clock in at work, or in place of a loyalty card. In fact, Amazon's plan in the long-term is to offer this technology to third-party companies in addition to using it in its own stores.

In an FAQ about the technology, Amazon explains that it picked palm recognition for a "few important reasons." As far as biometrics go, Amazon says that palm recognition is considered more private than other methods since you can't tell someone's identity from just an image of their palm. "It also requires someone to make an intentional gesture by holding their palm over the device to use," Amazon continued. "And it's contactless, which we think customers will appreciate, especially in current times. Ultimately, using a palm as a biometric identifier puts customers in control of when and where they use the service."

Amazon One doesn't require that users link their "palm signature" (as it's called) to an Amazon account, merely a phone number and a credit card. Customers have the option to link their Amazon accounts to their Amazon One data, however, and if they do that they'll be able to see their usage history when they log in. Amazon also says that users can delete the data associated with Amazon One whenever they want, and they can do that through the physical device or by going to the Amazon One customer portal.

Beyond that, the company is promising that palm data is not stored locally on Amazon One devices but is instead "encrypted and sent to a highly secure area we custom-built in the cloud where we create your palm signature." The company also says that the Amazon One device is "protected by multiple security controls," though that's a pretty vague statement.

If you want to try this out for yourself, you can do so by heading to the Amazon Go stores at 7th & Blanchard or 300 Boren Ave. North in Seattle (it's worth noting that you can still enter those stores through other authentication methods like the Amazon and Amazon Go apps). Amazon says that it's in "active discussions" with several potential third-party customers, but it can't tell us more for now. We'll let you know when Amazon reveals more about Amazon One, so stay tuned.

Update: Amazon has clarified that Amazon One requires both a credit card and a phone number to sign up, not just either one. We've updated the article to correct the mistake.