Comment All the biometric criticism is missing the point. (Score 2) 139
The fact that the doctors were trusted as both the authenticating-client and the key-holder was the issue here. Not biometric authentication. There was no promise that the doctors were not the malicious users themselves, but rather the authenticating-client here had an inherent incentive (getting paid without working) to help defeat the system. So, for all the criticism of biometric systems here -- we're missing the point, the implementation was incorrect to start. Attacking the medium is misguided, and also composed of (mostly) stupid arguments.
If this was a story of doctors having others falsify their time-cards or sharing keys it wouldn't have the same "people who like x auth method are idiots", but since it involves some slightly higher tech punch-in... well, here we are.
There's no such thing as a secure system. Just an inconvenient-to-defeat system; the weakest link/low-hanging fruit and all that. Biometric merely provides another authentication factor that can be used - so pointing to cases where people helped defeat their own locks is akin to saying that your buddy let me make copies of his keys, just look insecure keys are! It's silly. Correct implementation is key before you judge a system.