AWS Adds Palm-based Identity & Access Management to Its Managed Offerings

Las VegasAt AWS re:Invent in Las Vegas this week, AWS has announced Amazon One Enterprise, a palm-based identity service for “comprehensive and easy-to-use” authentication that would help improve organizational security and prevent costly security breaches. With Amazon One Enterprise, organizations can do away with the administrative burden that comes with maintaining conventional business authentication systems like PINs and badges.

Amazon One Enterprise is now available in preview in the U.S. With the help of this new service, organizations can now offer employees and other authorized users a contactless way to access both digital and physical resources, including restricted software resources and financial and HR records, as well as physical locations like data centers, hotels and resorts, airports, offices, and residential buildings. Using the AWS Management Console, IT and security managers can “effortlessly” deploy Amazon One devices and manage users, devices, and software upgrades.

Organizations would now mostly use digital techniques like passwords and PINs or physical ones like badges and fobs to authenticate workers and other authorized users to access buildings and software resources. These conventional identity service approaches do, however, have certain common security flaws, according to AWS. While PINs and passwords are readily forgotten, guessable, or shared, badges and fobs may be lost, copied, cloned, or stolen. Along with the expense of creating physical IDs, many conventional modes of authentication would also call for labor-intensive credential management procedures and human verification. Employees may get irritated, lose time, and produce less when they forget or replace their passwords, PINs, or badges.

Businesses have attempted to address these issues by using biometric-based solutions, such as fingerprint and iris recognition, however these methods are not always precise, stated AWS. Clients would also want technologies that facilitate the dismantling of organizational silos in the administration and execution of user authentication. For instance, a business may need passwords to access digital assets and software resources, but badges to enter facilities. Because of this, administrators must oversee a variety of authentication mechanisms while retaining partial visibility into all allowed access inside the company. According to AWS, IT and security managers want to be able to quickly monitor device use and manage software upgrades, as well as have a consolidated view of authentications (e.g., who is accessing a location or software resource at what time).

Palm Recognition Technology

With the use of an intuitive biometric identification device, Amazon One Enterprise is a brand-new, fully managed solution that would offer accurate and secured business access management. Every step of the service has built-in security, from the Amazon One device’s multi-layered security controls to the cloud’s and transit’s data protection. With a biometric matching accuracy score of 99.9999%, according to AWS itself, Amazon One Enterprise would surpass other biometric options and even be more accurate than scanning two irises. This is achieved by combining palm and vein imaging. The palm-recognition technology of the new service creates a palm signature linked to identity credentials such as a badge, employee ID, or PIN by using cutting-edge artificial intelligence and machine learning. The user’s palm picture is used to construct a unique numerical vector known as their palm signature, which cannot be copied or used to impersonate someone else.

IT and security managers may quickly deploy Amazon One Enterprise devices on-site and activate them using the AWS Management Console. Administrators can also handle all user authentication-related tasks through the console, saving time and effort by eliminating the need to manually verify credentials. Other features of the console include software update management, device status monitoring, and analytics on user enrollment and usage.

“Amazon One Enterprise’s palm recognition technology is designed to deliver a highly accurate identification service that increases an organization’s overall security, while offering seamless authentication management with lower operational overhead,” said Dilip Kumar, vice president of AWS Applications. “With Amazon One Enterprise, security administrators also have a centralized view of all user authentications across the organization, taking the stress out of managing multiple access control solutions. Businesses appreciate the privacy and convenience for their users, who can access physical locations and software assets with just a hover of their palm.”

Amazone One Enterprise