Troy Hunt has a good and accessible account of what kinds of threats PINs, Touch ID, and Face ID secure users from and, ultimately, how Apple is being pragmatic instead of idealistic in the degrees of security it provides. He’s provided one of the clearest accounts of the different security properties associated with iPhones that I’ve read recently.
On biometrics, he notes that:
The broader issue here is trusting those you surround yourself with in the home. In the same way that I trust my kids and my wife not to hold my finger to my phone while I’m sleeping, I trust them not to abuse my PC if I walk away from it whilst unlocked and yes, one would reasonably expect to be able to do that in their own home. The PC sits there next to my wallet with cash in it and the keys to the cars parked out the front. When you can no longer trust those in your immediate vicinity within the sanctity of your own home, you have a much bigger set of problems
This is the kind of threat posed by government agencies who have taken hold of you, your personal effect, and can compel you against your will. In such cases, you’ve got 99 problems, and your phone is just one.
Excited Pixels 