Biometric systems such as fingerprint readers or facial recognition may be appealing, but they have drawbacks worth mentioning. Their attack surfaces are larger than commonly believed, they make it hard to enforce good security rules and are not guaranteed to work all the time. These flaws should be considered when assessing the value of biometric authentication.

If we have to choose between a convenient system and a secure one, we often pick the former rather than the latter. The reason is mainly psychological. Several scientific studies have shown that we prefer instant gratification over delayed gratification, because that’s how our brains are wired. We are surrounded by instant gratification, our day-to-day actions like our hobbies, usage of social media, got us hooked on having a quick feedback. We are naturally and culturally inclined to shortsighted behaviors. This is why we like to build convenient things without caring about their security. Convenience provides instant gratification, and a short time to market. Security do not. The instant gratification of launching an app even if it is known to be insecure is so tempting compared to the delayed gratification of securing it.