Called Amazon One Enterprise, the service will allow companies to authenticate people entering the premises and help to prevent security breaches.
It will enable organisations to provide a contactless experience for employees and other authorised users to gain access to locations such as data centres, offices and residential buildings, airports, hotels and resorts, and educational institutions.
It combines palm and vein imagery for biometric matching and delivers an accuracy rate of 99.9 per cent, which exceeds the accuracy of other biometric alternatives.
It is even more accurate than scanning two irises, AWS said at its annual re:Invent event in Las Vegas.
“The technology is designed to deliver a highly accurate identification service that increases an organisation’s overall security, while offering seamless authentication management with lower operational overhead,” said Dilip Kumar, vice president of AWS applications.
“Security administrators also have a centralised view of all user authentications across the organisation, taking the stress out of managing multiple access control solutions."
The latest palm-recognition technology uses artificial intelligence and machine learning to generate a unique palm signature linked to identification credentials, such as a badge, employee ID or personal ID number.
This signature, taken from the user's palm image, forms a distinctive numerical vector that cannot be duplicated or misused for impersonation, AWS said.
The technology expanded on the company’s Amazon One service, which was launched in 2020 to allow biometric payments within Amazon's cashierless stores that rely on surveillance technology.
For example, at Amazon Go outlets, customers can link their payment card to their palm-print, granting them access to the store and the ability to finalise their purchase by waving their hand over a scanner.
However, it also raised concerns over how Amazon manages and stores users’ biometric data.
The company offered cash incentives to motivate customers to register their palm prints, and teamed up with many third-party retailers to boost the technology.
It also expanded these services to its Whole Foods stores in the US.
IT and security administrators can set up Amazon One devices on-site and activate them through the AWS management console.
In the console, administrators have control over user authentications and they can oversee installed device statuses, manage software updates, and access analytics on enrolments and use.
How safe is new palm-scanning technology?
AWS said the service is designed to ensure palm images, user credentials and other metadata are immediately encrypted.
Each user’s palm data is encrypted using a unique key.
When employees leave the organisation or decide to unenrol, they can delete their palm data by choosing an option on the Amazon One device, or an IT administrator can do it through the AWS management console.