I imagine that beyond the obvious "what if I lose control of my device(s)" justification people really just want dead simple authentication. It's a password you always have on you and as long as it's never copied its quite secure, atleast in that you have a complex password unique to you that can be applied in an instant while still being a significant form of verification.

that said, I'm sure that spoofing a fingerprint is easier than I'm imagining and that there's probably plenty of insecurities in BMA..