I have a question about implementing biometric login for a sensitive app (as banking app).
A user can login and enroll for biometric login so after he can simply login with his Face ID or finger print …
Everything is set normally but I have questions that I would like to have answers on :
What happen of the device owner Allow another Person to add his biometric Id and enroll in the device ? Will he be able to login to the app ?
Is there anyway two differentiate the biometric id enrolled on the device ? Is this a security weakness ?
Suppose another user login to the app with his user name password and enroll for biometric …should the first app biometric enrollment be deleted ?
What is the best option ?