The e-commerce giant is eyeing BehavioSoc for the plan
E-commerce company Amazon is looking into monitoring their employees' "behavioural biometrics" in a bid to ramp up its security measures from attacks.
The retailer in an internal document cited a methods to verify if their agents are "who they claim they are."
"We have a security gap as we don't have a reliable mechanism for verifying that users are who they claim they are," Amazon said in the document obtained by Motherboard.
Amazon expressed its concerns that as more employees work remotely because of the pandemic, company data becomes more vulnerable to cases when outsiders, rogues, or imposters steal data from an employee's unlocked computer.
To put a patch on such vulnerabilities, Amazon is planning to tap BehavioSoc to licence tools that could monitor their workers' behavioural biometrics, reported Engadget.
According to BehavioSoc, which pioneers in related software, behavioural biometrics is the way a user uses their devices and apps, "such as mouse movements, typing rhythm, touch and swipe gestures or how they hold their device."
"In contrast to physical biometrics like a fingerprint, behavioural biometrics provides continuous authentication to verify digital identities by passively monitoring of behavioural inputs without negatively impacting their experience," said BehavioSoc in its Privacy FAQs page.
According to Amazon, it looked at other employee monitoring solutions but ended up relying on "privacy-aware" models like BehavioSoc, which collects anonymous keyboard data.
"Maintaining the security and privacy of customer and employee data is among our highest priorities," Kelly Nantel, director of national media relations at Amazon, told Engadget.
"While we do not share details on the technologies we use, we continually explore and test new ways to safeguard customer-related data while also respecting the privacy of our employees. And we do this while also remaining compliant with applicable privacy laws and regulations."
Companies are continuously facing threats to consumer-related data the longer remote and hybrid work remains. Amazon in the document said that India had over 120 security incident threats, followed by the Philippines with just under 70, and the US with almost 40 cases, Vice reported.