[kamjam]

Getting rid of passwords altogether and using fingerprints or face recognition are offered as more drastic solutions.

Despite all the recent hoo-ha of how the iPhone 5S took mere days to circumvent the fingerprint reader using some latex and glue.

[trebor]

To bypass the iPhone 5S fingerprint scan requires both access to the physical phone, and a high quality fingerprint. And getting the latter as a very high DPI scan is no mean feat. And then you need a latex printer with the same 500+ DPI resolution to compromise the device.

Security researchers have yet to comment on if the iPhone 5S can be remotely compromised to expose the fingerprint data.

A pin, using the described method, can be captured by just about any app on Android with enough permissions to activate the camera. And I've seen quite a few applications that ask for far more authority than they need. All the application needs to do is run a service in the background and observe the motion of the phone.