Amazon may monitor employee keystrokes to protect customer data

In an internal document, the company says it doesn't have a good way of verifying workers.

Sponsored Links

SEATTLE, WA - MAY 20: A sign is seen outside of an Amazon Go store at the Inc. headquarters on May 20, 2021 in Seattle, Washington. Five women employees sued Amazon this week, alleging discrimination and retaliation. (Photo by David Ryder/Getty Images)
David Ryder via Getty Images

According to an internal company document obtained by Motherboard, Amazon plans to monitor how its employees use their keyboards and mice to prevent customer data leaks. The retailer is reportedly leaning toward licensing tools from a company called BehavioSec.

"The software does not rely on personally identifiable information or other static data," a FAQ page from BehavioSec states. Instead, the company claims it uses "behavioral biometrics" to generate a profile of how someone types and uses their computer. Its software then utilizes that profile to verify that a hacker or imposter hasn't compromised an employee's device. BehavioSec's website lists Cisco and Deutsche Telekom as "partners," suggesting Amazon wouldn't be the first company to use its software. Amazon reportedly looked at other employee monitoring solutions. However, due to "challenges around collecting keystrokes data," concluded it was best to turn to more "privacy-aware" models like BehavioSec.

In the document, Amazon claims it needs such software to combat various security threats. The company points to at least four cases where its security team identified incidents where someone posed as a service agent to obtain customer data. "We have a security gap as we don't have a reliable mechanism for verifying that users are who they claim they are," the company states in the document. 

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

With more of its employees working remotely due to the pandemic, it's also worried about a higher risk of "data exfiltration." Amazon points to several hypothetical scenarios it wants to protect itself against, including one where a customer service employee forgets to lock their computer, and a nosy roommate steals the company's data. By 2022, it estimates the software could help it reduce imposter takeover by 100 percent.  

"Maintaining the security and privacy of customer and employee data is among our highest priorities," Kelly Nantel, director of national media relations at Amazon, told Engadget. "While we do not share details on the technologies we use, we continually explore and test new ways to safeguard customer-related data while also respecting the privacy of our employees. And we do this while also remaining compliant with applicable privacy laws and regulations."

While Amazon's reasons for considering BehavioSec appear to be well-intentioned, the company doesn't have the best history with employee monitoring software. A recent report from CNBC found Amazon's Mentor app was far too overbearing to do its intended job effectively, and it would needlessly penalize drivers for things like going over the occasional bump on the road.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
View All Comments
Amazon may monitor employee keystrokes to protect customer data