> I mean, when someone identifies themselves through biometry, there's clearly an element of intent.
If I grab your finger and press it to your device, so that I can access your data, the intent is mine, not yours. Ideally, an auth method works with the intent of the user and only the user. That's his point. You can't grab/cut a passcode out of someones brain and place it on the scanner.
Yes, but it only exists in the world during user intent. This isn't the case for an auth method which is entirely based on physically having something within your proximity. If I stand close to your, you auth method is now in my proximity, available for me to use, or possibly even take.
If I grab your finger and press it to your device, so that I can access your data, the intent is mine, not yours. Ideally, an auth method works with the intent of the user and only the user. That's his point. You can't grab/cut a passcode out of someones brain and place it on the scanner.