Mastercard’s “Smile to pay” or “cry to privacy”?

Mastercard is rolling out a controversial programme that will allow shoppers to pay at the till with a mere smile or wave of the hand, as it tries to secure a slice of the $18bn (£14.4bn) biometrics market.
While face recognition technology has long raised eyebrows among civil rights groups, the payments giant said it was pushing ahead with a biometric checkout programme it claimed would speed up payments, cut queues and provide more security than a standard credit or debit card.

Do you think biometrics makes sense for digital authentication when looking at the 4 properties of a good key:
1. Easy to use
2. Hard to lose
3. Easy to revoke
4. Hard to copy?
A password can be changed, your smile and wave can not and what are then the risks for the data subject?