Connect with us

Hi, what are you looking for?


Cloud Security

Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets

AWS announces Amazon One Enterprise, a palm-based identity service that enables users to easily access physical locations and digital assets.

Amazon One Enterprise

On the first day of its re:Invent conference, Amazon Web Services (AWS) announced Amazon One Enterprise, a new palm-based identity service that enables users to securely access both physical locations and digital assets.

Amazon One has been available for identification, payment, and entry at Whole Foods Market stores, but AWS is now expanding it to enterprises with Amazon One Enterprise.

The fully managed enterprise access control service can be used to enter secured offices, residential buildings, data centers, hotels, airports, and educational institutions, as well as for access to digital resources, such as HR records and financial data. 

The Amazon One biometric identification device where users scan their palm can easily be installed by IT or security teams, with user and device management being done from the AWS console. 

“Amazon One Enterprise combines palm and vein imagery for biometric matching and delivers an accuracy rate of 99.9999%, which exceeds the accuracy of other biometric alternatives — even more accurate than scanning two irises,” AWS explained.

“The new service’s palm-recognition technology uses advanced artificial intelligence and machine learning to create a palm signature that is associated with identification credentials like a badge, employee ID, or PIN. The palm signature is a unique numerical vector created from the user’s palm image that cannot be replicated or used for impersonation,” it added.

Amazon One Enterprise is currently available in preview in the United States and it’s already being used by several major organizations. 

AWS announces new security features and capabilities

Advertisement. Scroll to continue reading.

Just before the start of its re:Invent event, AWS announced several new security features and capabilities. This includes new AWS Control Tower controls designed to help organizations meet digital sovereignty requirements, which specify where data resides, where it flows, and who has control over it.

In the identity and access management (IAM) category, AWS announced two new features in IAM Access Analyzer: a new analyzer that continuously monitors users and roles for unused permissions, and custom policy checks that ensure new policies don’t grant unintended permissions.

In addition, Amazon EKS Pod Identity has been launched to simplify IAM permissions for applications on Elastic Kubernetes Service (EKS) clusters. 

The cloud giant also announced Amazon GuardDuty ECS Runtime Monitoring, which is designed to detect runtime security issues in Elastic Container Service (ECS) clusters.

The company also informed customers that Amazon Detective adds new capabilities to accelerate and improve cloud security investigations.

Related: AWS Using MadPot Decoy System to Disrupt APTs, Botnets

Related: These Are the Top Five Cloud Security Risks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.


Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...


The private equity firm merges the newly acquired ForgeRock with Ping Identity, combining two of the biggest names in enterprise IAM market.