On August 17th I was a guest at the Dutch BNR news radio station, as part of the weekly BNR Digital broadcast. I was there as expert on biometric authentication. I responded to the questions on the opportunities for biometric authentication in mostly positive manner. I argued that biometric authentication can be a user-friendly second authentication factor. But I also voiced some concerns: not all implementations as done well, liveness detection (presentation attack detection) is and will remain a (if not the) challenge and privacy can be a serious issue.
The discussion did cover the last point that well, but the point I should have made is that central storage of biometric data should be avoided unless there are really good reasons not to do so. Fortunately biometric authentic for smartphones often stores the biometric data on the phone, and this data is secured better than was the case in e.g. in (some ?) of the first generation of fingerprint implementations. Especially if FIDO is supported to provide a standardised interface to enable usage of the biometric authentication factor by third party, then biometrics can be a good way to implement second factor authentication.
If you speak Dutch, you can listen to the broadcast here: http://www.bnr.nl/radio/bnr-digitaal/10309516/17-augustus-drones-blokkeren-en-biometrisch-beveiligen (starting 11:30′).