Biometrics are considered the gold standard of authentication.

But most people do not know the catch.

With passwords, matching is binary. Either it matches or it does not.

Biometrics do not work that way.

The system never gets a perfect match.

It asks: "Is this close enough to be the same person?"

And that is where two types of errors appear.

False Rejection Rate - the system rejects a legitimate user. False Acceptance Rate - the system accepts an attacker.

You can reduce one. But only by increasing the other.