I believe only in behavioural "biometrics" which combines knowledge and inference together with zero knowledge proof to locally authenticate users on their personal and probably secure devices. Any other attempts in using biometrics are futile.
I would argue that they store the coins in the custody vault as close to the exchange point as possible so the fast transfers are frictionless...and that would cost a premium.