Managed Services, MSP

AWS Intros Amazon One Enterprise Access Control Solution

Plans include an open standard that would shrink users' dependency on passwords.

At the AWS re:Invent conference this week, AWS introduced a new palm-based identity service for organizations to help improve security of physical spaces and digital assets, reduce operational costs, and adds convenience for users while protecting personal data. The solution, dubbed Amazon One Enterprise, is a palm-based identity service that provides highly accurate and secure enterprise access control, according to a statement from the company. It delivers a fast, convenient way for employees to simply use their palm to access physical spaces and digital assets while protecting user privacy.

Boon Edam, IHG Hotels and Resorts, Paznic, and KONE among customers and partners using Amazon One Enterprise, according to the statement.

Amazon One Enterprise is a new, fully managed service that manages access control using biometric identification devices. Security is built into every stage of the service, from multi-layered security controls in the Amazon One device to protection of data in transit and in the cloud, AWS said. Amazon One Enterprise combines palm and vein imagery for biometric matching and delivers an accuracy rate of 99.9999%, which exceeds the accuracy of other biometric alternatives—even more accurate than scanning two irises, according to the statement. The new service’s palm-recognition technology uses advanced artificial intelligence and machine learning to create a palm signature that is associated with identification credentials like a badge, employee ID, or PIN.

Amazon One Enterprise can provide access control for physical locations such as data centers, office and residential buildings, airports, hotels and resorts, and educational institutions as well as digital assets such as restricted software resources (e.g., financial data and HR records). Amazon One Enterprise eliminates the operational overhead associated with the management of traditional enterprise authentication methods, like badges and PINs, according to the statement. IT and security administrators, MSPs and solution providers can easily install the Amazon One device and manage users, devices, and software updates via the AWS Management Console.

Amazon One Enterprise supports industry-standard access-control protocols such as Open Supervised Device Protocol (OSDP) and Wiegand, according to the statement.

“Amazon One Enterprise’s palm recognition technology is designed to deliver a highly accurate identification service that increases an organization’s overall security, while offering seamless authentication management with lower operational overhead,” said Dilip Kumar, vice president of AWS Applications. “With Amazon One Enterprise, security administrators also have a centralized view of all user authentications across the organization, taking the stress out of managing multiple access control solutions. Businesses appreciate the privacy and convenience for their users, who can access physical locations and software assets with just a hover of their palm.”

To learn more about Amazon One Enterprise, visit