The gate of a fallback password is open to criminals.
For biometrics to displace the password for security, it must stop relying on a password registered in case of false rejection. Threats that can be thwarted by biometric products operated together with fallback/backup passwords can be thwarted more securely by passwords only.
We could be certain that biometrics would help for better security only when it is operated together with another factor by AND/Conjunction (we need to go through both of the two), not when operated with another factor by OR/Disjunction (we need only to go through either one of the two) as in the cases of Touch ID and many other biometric products on the market that require a backup/fallback password, which only increase the convenience by bringing down the security.
Biometric solutions could be recommended to the people who want convenience rather than security but should not be recommended to those who want security rather than convenience.
Biting the hand that feeds IT
