Hmm. Somewhat misleading perhaps?
Authentication is normally based on 'something you know', and not just 'something you have' such as a fingerprint or any other biometric.
Technically incorrect, unless you add "insecure" to the beginning of that quote. Also, I've always been told fingerprints don't count as "something you have", they're only "something you are", which is lousy security because it can't be changed. Slightly more secure authentication is based on both something you know, AND something you have. Also not just "something you are", such as the horribly insecure fingerprint, which as noted can be duplicated. The duplication can be in any of several ways, either pre (the print itself) or post (the digital "signature" of that print) processing. Just one of the above is, today, not really considered "secure". Or at least, not "secure enough".
Biting the hand that feeds IT
