Amazon One palm scanning payment tech will be available in every Whole Foods location across the country by the end of the year, according to an Amazon announcement last week. The massive expansion to over 500 store locations is the culmination of a years-long rollout campaign, which recently saw the biometric readers installed in stores across many of California’s major cities. And while the payment system will remain optional, security experts are reiterating their worries about consumers handing such sensitive data over to a company with a less-than-stellar privacy track record.

According to Amazon, its Amazon One readers use cameras to capture various characteristics of an individual’s palm, including surface-level features like lines and ridges, as well as “subcutaneous features such as vein patterns.” These “palm and vein images” are then instantly encrypted and stored within cloud servers custom designed for Amazon One. Accessing this cloud data is purportedly “highly restricted to select AWS employees with specialized expertise,” the company says. Critics, however, are skeptical of both Amazon’s aims for the data and its ability to reliably store such personal information.

“We can’t trust that Big Tech won’t exploit our biometric data, nor can we trust them to keep our data safe from hackers,” says Leila Nashashibi, a campaigner for privacy advocacy group Fight for the Future. In recent years, Amazon has been shown to freely provide Ring smart home surveillance camera footage to law enforcement, reportedly without user consent or warrants. In March, Amazon announced plans to begin providing its biometric palm readers at select Panera Bread locations—less than a week after the company was hit with a class action lawsuit in New York alleging data privacy violations within its Amazon Go store locations.

As Nashashibi also notes, Amazon’s “encrypted” biometric readers do not feature the same security as “end-to-end encrypted” (E2EE) devices and programs. E2EE systems are designed so that data can only be decrypted by users holding the correct cryptographic keys; importantly, those keys are generally not held by service providers or any other third parties. The fact that data from something such as an Amazon One reader is encrypted does not mean a company (or bad actor) couldn’t hypothetically access private information with some effort.

Nashashibi additionally calls the palm technology “absurd,” citing existing, safer fast payment options such as digital and physical credit cards. But for critics including Nashashibi, warnings regarding corporate data privacy violations shouldn’t even be necessary in today’s tech landscape. “The onus should not be falling on individuals to protect themselves,” they say while reiterating calls for governmental oversight on biometric data gathering akin to the European Union’s General Data Protection Regulation (GDPR). Although similar laws have passed at state levels in places like California, Colorado, and Virginia, comprehensive federal legislation has yet to be enacted.

“We are always looking for new ways to delight our customers and improve the shopping experience,” Leandro Balbinot, chief technology officer at Whole Foods Market, said in last week’s announcement. “Since we’ve introduced Amazon One at Whole Foods Market stores over the past two years, we’ve seen that customers love the convenience it provides, and we’re excited to bring Amazon One to all of our customers across the US.”

Amid the criticisms, shoppers are already publicly expressing both reservations and excitement about the technology. According to The SF Standard last week, opinions ranged from “It just creeps me out,” to “It’s kind of a thrill. It’s cutting edge.”