Good for you. When I say I won’t use stuff like this my friends and family mock me for being paranoid. It’s disturbing how quickly people will just do something because it seems cool and/or convenient.
You can change your password if it gets compromised. You can’t change your bio-metrics. Once a digital version of your retina, fingerprint, palm print, whatever gets leaked…you’re screwed.
I know they claim these things are locked away in HSM devices, but I don’t care. You’re trusting every single engineer, coder, tester, and mid-level manager with access to these things. It’s a long chain of trust in the typical “rush it out the door” corporate environment.
Real security and QA are the last things on their minds when they develop this stuff.