Actually, it doesn't, because properly used biometric isn't a sole auth method. You want to use it coupled with at least a pin - then suddenly just looking over your shoulder isn't enough, you have to handle the phone carefully, or steal the fingerprints off your glass. That's more work, and makes it more costly and skill intensive. It's not impenetrable, but still quite efficient.

Good point. If it's two or more factors then the weakness of the fingerprint factor is not such a big deal. Is the iPhone 2 factor?

I think there is too much of an emphasis on using uniqueness for security. The idea is that if "It could only be you!" you are secure.

The sci-fi vision is a world where a fingerprint or retina scan is taken and that's it. There's no username needed, just the fingerprint itself is enough to confirm your identity. In reality, the idea of uniqueness for security actually would create security problems, because it removes the other factors involves, and biometric codes like fingerprint cannot be changed as needed (technically a fingerprint can be changed 9 times. A voice on the other hand cannot.)

An NFC tag/card/ring, seems much better to me, since these can be changed as needed and would be more difficult to hack than taking a fingerprint off the phone.

An armed thief could steal your ring or fob along with the phone, but they could also make you use your finger to unlock your phone for them. So I don't think that's really any added protection in that situation.

The thief that just grabs your phone off the counter or out of your pocket will have a much tougher time with the NFC tag than with the fingerprint.