Biometrics are NOT a good method of user verification.
https://learn.microsoft.com/en-us/previous-versions/tn-archive/cc512578(v=technet.10)?redirectedfrom=MSDN https://www.schneier.com/blog/archives/2005/04/security_risks_2.html https://www.schneier.com/blog/archives/2009/01/biometrics.html https://www.schneier.com/crypto-gram/archives/1998/0815.html#biometrics From Schneier on security blog: "On the other hand, biometrics are easy to steal. You leave your fingerprints everywhere you touch, your iris scan everywhere you look. Regularly, hackers have copied the prints of officials from objects they’ve touched, and posted them on the Internet. We haven’t yet had an example of a large biometric database being hacked into, but the possibility is there. Biometrics are unique identifiers, but they’re not secrets. And a stolen biometric can fool some systems. It can be as easy as cutting out a signature, pasting it onto a contract, and then faxing the page to someone. The person on the other end doesn’t know that the signature isn’t v...