We've been taught to protect our digital lives with passwords. "Make it strong." "Don't reuse it." "Change it every 90 days." It's a ritual we perform religiously. But there is a fundamental flaw in this logic: passwords are designed to be changed. If a hacker steals your password, you reset it. The breach is contained.

Imagine a thief steals your face. Or your fingerprint. Or your voice. You can't reset those. You can't grow a new face or change your fingerprint. Once your biometric data is stolen, it is compromised forever.

In Part 1, we looked at the sensors that watch and listen. Now we're moving to the sensors that identify—and the stakes have never been higher.

What Your Device Actually Captures

Biometrics are biological measurements used to identify individuals. Your device uses them to unlock itself, but they're also harvested to build a profile of who you are.

Your phone doesn't take a photo of your face for FaceID. It projects over 30,000 infrared dots onto your skin to create a mathematical model of its depth—the curve of your nose, the distance between your eyes, the contour of your jaw. This model is stored as a hash on the device's secure enclave. In theory, it never leaves the phone. In practice, apps that request "FaceID" access are interfacing with that model, and the data pipeline extends further than most users realize.

Your fingerprint works similarly. The scanner doesn't "image" your finger; it maps the capacitance differences between the ridges and valleys of your skin, creating a high-resolution topographic map stored as a mathematical representation.

Then there's your voice. It has a unique frequency, pitch, cadence, and resonance pattern. Speaker recognition systems extract these features to create a "voiceprint"—a mathematical signature that identifies you. And here's where it gets creepy: modern generative AI models can clone your voice from as little as three seconds of audio.

The Unresettable Risk

If a database of passwords is breached, the company forces a reset. If a database of biometric templates is breached, there's no reset button. Your child's face is now a public key. If that key is stolen, it can be used to unlock accounts, bypass security, or impersonate them.

You can change a password and a phone number. You can't change your iris pattern or your gait. If a malicious actor obtains your child's biometric data, they possess a permanent key to their identity.

And then there's the generative AI connection. Biometric data is the raw material for cloning. The more data a company has on your child's face and voice, the easier it is for bad actors to create a realistic synthetic replica. Imagine a scammer calling your child's school, sounding exactly like you, asking for an early pickup. Or a deepfake video of your child saying something they never said, circulating on social media.

This isn't hypothetical. Voice cloning services already exist commercially. Facial reanimation technology can puppet a person's face in real time. The biometric data your child's device collects today is the fuel for these systems tomorrow.

It's Not Just for Unlocking

You might think, "I only use FaceID to unlock my phone. That's safe."

It's just not that simple. Many apps request "FaceID" or "Camera" access not just to unlock, but to "verify identity" for banking, shopping, or social features. Each request extends the data pipeline beyond the secure enclave. Some apps scan faces in the background to "tag" people in photos or to feed classification models that categorize users by age, gender, or emotional state for targeted advertising. And your biometric data is often shared with third-party vendors, data brokers, and machine learning training datasets. Once it leaves your device, you lose control over who trains what on it.

When Biometrics Don't Fit

Biometric systems are designed for a neurotypical baseline. They assume the user can hold still, look directly at the camera, press a finger flat against a sensor, and speak in a clear, measured tone. For many neurodivergent children, these assumptions break down.

The infrared dot projection used by FaceID is invisible to the human eye, but the act of being scanned—holding still, staring directly at the device, waiting for the green check—can be intensely uncomfortable for children with sensory processing differences. The demand to "hold still and look at the screen" can trigger anxiety, avoidance, or shutdown. Personally, I get queasy if I have to hold still and look into a camera for more than a few seconds.

Children with dyspraxia or fine motor coordination differences may struggle to place their finger flat and still enough for TouchID to register. Repeated failed attempts create frustration and a sense of failure around a security feature that is supposed to help them. Children with interoception differences may struggle with the regulated breathing and vocal control required for voice-based authentication. The demand to "speak clearly and naturally" into a device can feel performative and exposing.

When biometric systems fail to accommodate neurodivergent users, the fallback is almost always a passcode or password. This is actually a good thing from a privacy standpoint—passcodes are more secure than biometrics in many scenarios because they can be changed. But the experience of "failing" at biometric authentication can reinforce a child's sense that technology wasn't built for them.

If your child struggles with biometric authentication, don't force it. A strong alphanumeric passcode is a perfectly valid—and often superior—alternative. The convenience of FaceID is not worth the cost of your child's comfort or the permanence of their biometric data in a corporate database.

Reclaiming the Biometric Layer

Go to Settings > Face ID/Touch ID (iOS) or Settings > Security (Android). See what is enabled and which apps have access. Turn off FaceID/Fingerprint for apps that don't strictly need it—games, social media, shopping. For high-security apps like banking and email, use a strong alphanumeric passcode instead of biometrics. Yes, it's less convenient. But convenience is the enemy of sovereignty.

Biometrics are a double-edged sword. They are more convenient than passwords and passcodes, but they are permanent. Once your child's biometric data is out there, it belongs to the data pipeline, not them.

In Part 3, I'll bring it all together with the Hardware Lockdown—the final step to reclaiming control over every sensor, every permission, and every data point.

The Hardware Leak Part 3: The Lockdown
We’ve exposed the sensors and the risks. Now, let’s lock it down. A practical guide to reclaiming your child’s digital sovereignty in 20 minutes.