I'm curious at a practical level how knowing what someone's fingerprint looks like can help you empty their bank account. I mean, every time you go touch something you leave a fingerprint, so if they wanted to someone could dust it off and photograph it and perhaps even transfer it to a rubber mould or something. But then what? They'd need physical possession of your mobile phone wouldn't they?
Assuming I was a malware author and had remote access to someone's phone half way round the world how does reading the fingerprint image by itself help me in any way? On the other hand, if I've got control of their phone then logging all the user's password and PIN key presses, and monitoring their email in box for password reset emails and redirecting those to my account, would seem a lot more fruitful.