There are several good thoughts in this post:

One easy improvement: Make it "real two factor" by allowing users to require a PIN/Password in addition to the fingerprint.

Could they have done better than a fingerprint? There are a few different common biometric sensors: Facial recognition, Fingerprint, Weight/Height, retina scans and iris scans. Fingerprints are probably best considering the price of the sensor and the difficulty to acquire the data.

Finally: There is probably one real big vulnerability here. A stolen iPhone is likely covered in the user's fingerprints. It shouldn't be too hard for an attacker to lift a fingerprint off the phone itself to bypass the sensor.

via [1]ISC Diary | In Defense of Biometrics.

I hope that Apple offers more details about how the fingerprint reader works. The technology exists to deal with the latent fingerprint issue. Many corporations will want true two-factor before relying on the iPhone's biometrics in the enterprise. If this is strong & robust authentication I hope Apple makes it available to other manufacturers as an open standard.
__________________________________________________________________

My original entry is here: [2]ISC Diary | In Defense of Biometrics. It posted Thu, 12 Sep 2013 16:00:06 +0000.

Filed under: technology, InfoSec

References

1. https://isc.sans.edu/diary/In+Defense+of+Biometrics/16553
2. https://www.prjorgensen.com/2013/09/12/isc-diary-in-defense-of-biometrics/