HAQM One Enterprise FAQs

HAQM One Enterprise is a secure, palm-based identity service for enterprise access control. It improves the overall security of an organization by helping prevent costly security breaches. The new service delivers a fast, convenient, and contactless experience for employees and other authorized users to gain access to buildings and secure areas. It can also be used to access physical equipment like lockers, printers, and restricted equipment and software resources like applications, digital assets, or multi-factor authentication. Using HAQM One Enterprise, organizations can spend less time monitoring access, remove the need for manual security checks, and streamline operations using cloud-based management while simplifying the employee experience. To learn more, see HAQM One Enterprise. 

The HAQM One Enterprise offering includes the HAQM One device and a software authentication service, which runs on AWS. Customers must deploy HAQM One devices at their sites. After installation and activation, enterprise users can enroll by scanning their badge over a badge reader and hovering their palm over an HAQM One device to associate their palm with badge information. After enrolling, users can simply hover their palm over an HAQM One device for authentication. HAQM One device cameras capture surface-area details like lines and ridges, as well as subcutaneous features like vein patterns, and use multiple characteristics of a palm to identify each person.

Contact us to learn more about HAQM One Enterprise. A team member will get in touch to share more details about our offering, including pricing, instructions for device ordering, setup, and service activation. After activation, you can use the AWS Management Console to monitor the status of devices, manage software updates, track enrolled users, and view monthly bills.

HAQM One Enterprise combines palm and vein imagery for biometric matching and delivers an accuracy rate of 99.9999%, which exceeds the accuracy of most biometric alternatives—even more accurate than scanning two irises. Also, since HAQM One devices operate beyond the normal light spectrum and cannot accurately perceive sex or skin tone, HAQM One Enterprise does not detect gender or race, protecting enterprise users’ privacy.

Palm data and badge ID information are never stored on the device. They are immediately encrypted and sent to a highly secure zone in the AWS Cloud custom-built for HAQM One Enterprise where a unique collection of palm signatures is created for each enterprise customer, thereby providing strong data isolation and increased security for each organization.

HAQM One Enterprise is currently available in the US.

We offer two options. (1) Standalone device: This will give you the flexibility to install the device as per your needs. (2) Pedestal: In this configuration, the HAQM One device is mounted on a pedestal.

HAQM One is an identity service that allows consumers to enter, identify, and pay using only their palm at participating locations such as gyms, restaurants, retail shops, event venues, and sports stadiums. After a one-time sign-up, consumers can use their palm wherever HAQM One is available. With HAQM One Enterprise, we have developed an enterprise-focused service that helps businesses offer the secure, convenient service to their employees and other authorized users. Users must enroll in HAQM One Enterprise with their palm and badge. Once enrolled, enterprise users can hover their palm for enterprise access. However, if users want to use their palm at other locations such as Whole Foods Market or HAQM Go stores, they must create an HAQM One profile.

HAQM One Enterprise stores encrypted palm data and badge ID information for authentication.

Users can delete their data by using the Unenroll functionality on an HAQM One enrollment device. Unenrolling automatically results in the deletion of a user’s palm biometrics and badge ID information from HAQM One Enterprise systems. Alternately, users can also request deletion of their data by reaching out to their enterprise’s (employer’s) system administrator. The system administrator can manually delete the user’s biometric data through the Enrolled User Management page in the AWS Management Console.

HAQM One Enterprise ensures that the user is always in control of their data across the following stages:

Enrollment: When a user enrolls, HAQM One Enterprise stores the user’s encrypted palm biometric data and badge ID information. This data is retained until the user unenrolls from HAQM One Enterprise or when the enterprise closes their AWS account. A user’s data will also be automatically deleted from HAQM One Enterprise systems if they do not interact with a device for two years.

Unenrollment: When a user unenrolls, their biometric data and badge ID information is deleted from HAQM One Enterprise systems.

User discontinues employment with enterprise: When a user discontinues employment with an enterprise, the enterprise’s system administrator can delete the user’s data through the Enrolled User Management page on the AWS Management Console to ensure that it is no longer retained within HAQM One Enterprise systems.

Currently, we support enrollment using employer-provided RFID badges. Please find the enrollment station in your work location. First, scan your badge with the badge reader, which is connected to the enrollment station. Second, hover one or both your palms three inches above the HAQM One device so that it can capture your palm print. Once signed up, you can just hover your palm to authenticate yourself and gain access.

HAQM One Enterprise stores your encrypted palm data and badge ID information in a highly secure zone in the AWS Cloud. The secure zone is custom-built for HAQM One Enterprise where a unique collection of palm signatures is created for each individual enterprise.

You can delete your biometric data by using the Unenroll functionality on an HAQM One enrollment device. Unenrolling automatically results in the deletion of your palm biometric data and badge ID information from HAQM One Enterprise systems. Alternately, you can also request deletion of your data by reaching out to your enterprise’s (employer’s) system administrator. The system administrator can manually delete your data using the AWS Management Console.

We will securely store your palm biometric data as long as you’re enrolled with HAQM One Enterprise and employed with the enterprise. If you decide to unenroll, we will permanently delete your palm biometric data from HAQM One Enterprise systems. If you leave your current employer, your enterprise system administrator can permanently delete your data from HAQM One Enterprise systems. Your data will also be automatically deleted if you do not interact with an HAQM One Enterprise device for two years.

No, you will not be able to use your palm to pay at a Whole Foods Market or other HAQM One enabled locations, even if you enroll at an enterprise. This is because, with HAQM One Enterprise, we offer a private collection of palm signatures for each enterprise, resulting in strong data isolation and security. To use your palm at Whole Foods Market stores or other locations, sign up online or visit an HAQM One device at enabled locations.