...'allows online users to store their most sensitive documents'...
Mmmh, can't see anything going wrong with this whatsoever! Surely using your own proprietary method of keeping this data would be best? i.e. Offline and redundantly backed-up... When this type of data becomes centralized it gets a nice big fat target painted on its back by hackers. Companies have been slow to admit breaches long after the fact too. Some memorable comments from the recent Reg article:
"PayPal security boss: OBLITERATE passwords from THE PLANET":
#1. Biometrics have been proven time and time again by some very well respected boffins to be unreliable in the everyday world in every sense of the word. Mostly by locking the authorized user out of their own stuff.
#2. I'm guessing this guy has never seen an episode of Red Dwarf or the film Demolition Man...
#3. I strongly suspect that the FIDO stack will allow you to be tracked amongst all these different sites, even if you're not Facebook or the Govt.
#4. You can change a password, you cannot change your fingerprint, so what happens if the data used to recognise your fingerprint leaks?
#5. Biometric is ... a braindead idea from the start. It does work in pass controls, credit cards in stores and all the other places where there is a physical person that checks you are not pulling out a fake finger.
#6. Problem of Compromise: If an authentication factor such as a pass-phrase becomes stolen or otherwise compromised, one need simply change it. If a biometric authentication factor becomes compromised, say somebody captures your fingerprint, then you're screwed.
#7. Anything that connects to the Internet (or any other network) to verify identity is subject to the network route (including the USB host) being compromised. (Note the recent security certificate hacks!)
#8. Surely authentication needs to include identity + secret. Biometrics start being used to protect big amounts of money and you can bet a whole heap of ingenuity will be focused on forging/fooling biometric scanning devices. The more flexible biometrics are made to cope with natural variations due to age, environment, injury and disease, the easier it'll become to fool the reading devices.
#9. As soon as someone finds a way of lifting your fingerprints off the glass you drank your last pint from, and sorts out a method for creating a facsimile/feeding the correct hash from that into an authentication system, it will be busted wide open. And if there is a single hashing method, that will not take very long. Sounds soooooo secure to me!
#10. Paypal gets its wish, and we all get a device to authenticate ourselves. Great - so if that device is stolen, whoever has it can masquerade as us. So we need a way to authenticate that it really is the device's proper owner using it. Hmm, I wonder what that would be. Something easy, that won't fail like a fingerprint scanner after you've been working on that engine block all Saturday. Something that doesn't require a bunch of extra, costly hardware. Something that works with existing hardware, like a keyboard. Something like, I don't know, maybe a string of characters known only to the user and the device. Brilliant! I just wonder what we should call it....