Amazon Authorization: Me, My Selfie and I

cyberselfieBy Dean Wiech

Organizations are always looking for ways to improve security without interfering with customer convenience. This has led many companies to branch out towards more and more advanced authentication methods.

One of the newest concepts, of course, is Amazon’s “Selfie Authentication.” The new authentication technology allows a customer to user facial recognition to authenticate themselves with the website when making a purchase.

Capitalizing on the popularity of the selfie movement and all that makes it trendy, Amazon is betting that the gadgetry will make user verification safer—and cooler—than the Arabian Nights-themed password protocols used by previous generations of computer users.

Here’s how it works: An Amazon customer simply takes a video or picture of themselves to ensure that they are who they say they are. Then, at the time of purchase, Amazon’s authentication method requires the user to take a second video or picture where they perform a human movement, such as blinking or smiling, to ensure their identity in real time, thus preventing spoofing by using old photos and videos.

Facial recognition technology is already used in a variety of other sectors in within several other products; however, this is the first time that facial recognition is being used for a payment process with customers. But really, this is “big” because it’s Amazon.

Amazon is already known for having an extremely easy purchase process with its “one click ordering” so this method would allow for a similar amount of convenience.

Biometrics, which is essentially what this is, is the use of the human body or traits to verify who the user is or claims to be. As biometrics use has been steadily improving and increasing in popularity for years, such methods use a human voice, retina scanning or facial recognition or a fingerprint to authenticate a user.

Many companies in various industries use biometrics for different tasks, such as facial recognition for logging into computers, fingerprints for time clocks or retina scanning for access to areas of their organization. The technology is meant to ensure the highest level of security without hindering convenience for the user.

But there are several concerns with this type of authentication— we’ll have to wait and see how it all plays out, and whether Amazon will make changes to its technology and authentication policies over time. As the method has not been launched yet, there are, of course, questions regarding security. What happens to customers who happen to be among a set of identical twins? Will this software and the camera on their device be able to detect this difference?

There’s also the issue of preference. Many people don’t like having their picture taken, so they might not enjoy taking an image or a video of themselves. Other people are very shy and might be uncomfortable taking a video of themselves in public. There likely must remain standard access management protocols in place.

So what does this mean for the future of authentication? Passwords and authentication methods will continue to evolve to ensure that they are keeping the network safe but aren’t interfering with customer convenience. Organizational leaders must ensure that security of their networks but don’t want it to affect the buying process of their customers.

d.wiechDean Wiech is managing director of Tools4ever US, part of the global supplier of identity and access management solutions.

Jeff Edwards
Follow Jeff

Jeff Edwards

Editor, Cybersecurity at Solutions Review
Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large.He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
Jeff Edwards
Follow Jeff

One thought on “Amazon Authorization: Me, My Selfie and I”

Comments are closed.