Amazon unveiled two new gadgets at its annual hardware event, the Ring Always Home Cam and the Amazon One. Amazon states these products make security and authentication more convenient. For privacy conscious consumers both these products raise red flags.
At its annual hardware event Amazon launched two new controversial gadgets within five days of each other. Namely its Ring Always Home Cam and Amazon One. Gadget and home surveillance enthusiasts are most likely excited about the launch of these two new products. There are, however, some privacy issues to consider.
Always Home Cam
Amazon’s smart security subsidiary, Ring, unveiled a flying indoor security camera called the Always Home Cam. The drone integrates with the home security system, Ring Alarm, and flies around the home to patrol rooms and investigate potential burglaries.
To allay possible privacy and security concerns regarding the drone, Ring has incorporated several security features. When not flying around the home the drone rests on a docking station, which blocks its camera. This means that the device can only capture video when it is in flight.
Furthermore, the owner decides the areas of the house the drone can access. Before using the drone, the owner sets up the drone by recording the different flight paths the drone can take. These become the only places the drone can fly. In addition, Ring says in a blog post that the device “cannot be manually controlled.” This means that even if hackers were to hack into the drone, they would not be able to make it fly off its predetermined flight paths. Finally, the drone emits an audible hum whilst flying so that the owner is warned if the device mistakenly activates.
The second product, Amazon One, is a new palm recognition system. The device registers user palm images, which can include assessment of the palm’s size, patterns, marking and ridges. It can also include an analysis of vein patterns. Palm images are then used to let individuals pay by hovering their hand in mid-air over a palm scanner. The aim being to provide customers with a mechanism for faster checkout.
Amazon One is currently being trialed in two of its Amazon Go stores, where customers’ palms are scanned on entry. The store then automatically tracks what products a customer picks up and charges the credit card associated with their hand. The company said it is “in active discussions with several potential customers” regarding rolling it out to other stores in the future. According to Amazon, the palm scanner could also be used for entering locations such as stadiums instead of using tickets. Or it could be used in workplaces instead of ID cards.
As with the Always Home Cam, Amazon One includes features to address security and privacy concerns. According to Dilip Kumar, Amazon’s physical retail vice president, customers can request to have their data deleted at any time. This can be done online via customers’ Amazon One accounts or at any Amazon One kiosk. Kumar also stated that Amazon decided to use palm recognition instead of face recognition, for example, because palm recognition “requires someone to make an intentional gesture by holding their palm over the device to use”. A further reason was that palms are not as recognizable as faces.
Privacy Concerns over Amazon Gadgets
Although what Kumar says is true, there has already been instances where vein-based authentication systems have been attacked. Furthermore, security researchers warn that the more common palm scanners become, the more willing people will be to use them. However, biometric data is particularly sensitive, because unlike passwords, this data cannot simply be changed if hackers steal it. Or when the data is accidentally exposed. Other security researchers worry that such data could be read in some other way and digitally reproduced.
Ring’s past track record also worries privacy and security researchers. In addition to the Always Home Cam, Ring produces smart doorbells that have had a myriad of security issues. Ring has also been criticized for its privacy and civil liberties policies and practices. And for sharing footage from Ring Doorbell cameras with law enforcement. Furthermore, Amazon had to impose a yearlong moratorium on police using its facial recognition data due to criticism of its Rekognition tool’s accuracy and reliability. Finally, although Amazon has a good record for maintaining the security of its huge cloud infrastructure, there have been lapses. The stakes are already extremely high with the vast amount of private data the company currently holds. The more data the company holds, the greater the privacy and security risks become.
“Amazon has a major genomics cloud platform, so maybe they hold your DNA and now they’re going to have your palm as well? Plus all of these devices inside your house. And your purchase history on Prime. That’s a lot of information. That’s a lot of personal information,” warns Nina Alli, executive director of Defcon’s Biohacking Village and a healthcare security researcher. “When you give away this data you’re giving a company the ability to access and manage you, not the other way around.”
How Amazon One Deals with Palm Data
Some major tech companies provide data security by ensuring data collected by their devices – such as fingerprint and face scanners – never leave these devices. Amazon One, on the other hand, provides data security by saving encrypted palm images on a special high security section of Amazon’s cloud. These are stored as “palm signatures”, which the Amazon One service compares to signatures on file in users’ accounts. The match, or a lack of a match, is then sent back to the device.
Databases of people’s palm data will not be stored locally on publicly accessible machines that can be manipulated. However, critics state that a system could have been setup to generate a palm signature locally, delete the image of an individual’s hand and send only the encrypted signature for analysis. The fact that all palm images are sent to the cloud for processing creates a single point of failure.
“Both the home drone and the palm payment are going to rely heavily on the cloud and on the security provided by that cloud storage,” says Joseph Lorenzo Hall, a long-time security and privacy researcher. “That’s worrying because it means all the risks – rogue employees, government data requests, data breach, secondary uses – associated with data collection on the server-side could be possible. I’m much more comfortable having a biometric template stored locally rather than on a server where it might be exfiltrated.”
In reply to these concerns, an Amazon spokesperson told Wired magazine: “We are confident that the cloud is highly secure. In addition, Amazon One palm data is stored separately from other personal identifiers, and is uniquely encrypted with its own keys in a secure zone in the cloud.”
New Gadgets Keep Pushing Privacy Boundaries
The steady release of new gadgets that push the boundaries of privacy, could indicate that companies like Amazon are trying to ascertain how far they can push. In the process of releasing new products, “they’re gleaning valuable data about what we will and won’t accept. It seems like it’s more about stress-testing our tolerance for surveillance in the name of convenience,” says Evan Greer, deputy director of the digital rights group Fight for the Future.
“Amazon’s entire business model is based on surveillance,” Greer stresses. “With each new product they release it becomes more and more clear that their goal is to amass so much data about everything that their monopoly power becomes unchallengeable.”
As Greer warns, and other privacy advocates have warned in the past, privacy rights are much harder to restore once they are gone than they are to maintain.