So I’m in the early stages of planning a password manager application and was just wondering how organisations which allow biometric authentication on mobile devices ensure security even on devices with low quality hardware. I understand that devices like IPhones have relatively reliable face id authentication but how do companies like banks ensure reasonable steps to protect data when the user hardware may be of a lower quality than the typical standard.

I’m sure there must be cheap phones out there somewhere which boast biometric features that aren’t particularly reliable so do developers run some sort of hardware check/requirement in order to allow biometric authentication?