how can my 3 year old daughter open my phone with fingerprint sensor

I have some professional experience with this.

It happens sometimes. I've worked with people who developed fingerprint recognition software/hardware, and they tell me there's the occasional case where a fingerprint is "close enough". You're not really looking for a match that's accurate to a courtroom standard for a fingerprint match, or else you'd be trying to use it over and over again until it finally matches. In fact it only needs to sample a small portion of your fingerprint (although "enrollment" on an iPhone requires multiple presses to try to combine them into a larger re-creation of the fingerprint) , so the number of permutations are exponentially smaller than with something like a police fingerprint. The software also isn't looking to compare images, but to compare specific details.

It stores a template file of "minutiae" and not a complete fingerprint. It might be looking for one or two different kinds of minutiae, and will store them in the form of relative location and direction. The software then acquires a section of your fingerprint, converts it to minutiae, and then tries to match it to a comparable section of any of your stored templates. The idea is as a password replacement, where a match only has to be "good enough". When there was only a 4-digit passcode there were obviously 10,000 possible combinations and a chance that someone randomly guesses it. Your kid's fingerprint is that random guess matching. Here's an explanation:

http://biometrics.mainguet.org/types/fingerprint/fingerprint_algo.htm

Most algorithms are using minutiae, the specific points like ridges ending, bifurcation... Only the position and direction of these features are stored in the signature for further comparison.

If you're really paranoid about your daughter accessing your phone, you can change the passcode, delete all the stored fingerprint data, and use a different finger.

You would have to enroll her fingerprint in Settings>TouchID & Passcode, just as you did yours.

Yes, change your passcode. A friend of mine recently thought his 3 year was getting into his phone with Touch ID. The kid had learned the passcode.

If indeed her fingerprint does register as a match, this situation is not impossible as the probability of someone else matching you is 1 in 50,000. Try enrolling a different fingerprint and deleting the one that she matches to.

About Touch ID advanced security technology - Apple Support

OriginalName022 wrote:

The OP's reply mentioned that she managed to purchase an app, which couldn't possibly be done with the device's passcode. Though it's not entirely clear how this happened and I'm having difficulty imagining a three year old navigating the App Store and actually correctly following the prompt to place her finger over the home button... (Maybe they meant an in-app purchase?) And I agree that more information from the OP would be very helpful here.

You haven't spent much time with three-year-olds lately, have you? 😉 And, if the tot knows the phone passcode, they may well know the Apple ID passcode as well.

She may know your passcode. Change it.

The OP's reply mentioned that she managed to purchase an app, which couldn't possibly be done with the device's passcode. Though it's not entirely clear how this happened and I'm having difficulty imagining a three year old navigating the App Store and actually correctly following the prompt to place her finger over the home button... (Maybe they meant an in-app purchase?) And I agree that more information from the OP would be very helpful here.

Very few to be honest. Not a fan of kids in general... Those I do know have difficultly using the keyboard to properly enter information but the passcode screen is very easy to use for them. I also had a friend whose left pinky matched with my right pointer finger so I do have experience with the limitations of Touch ID...

It's still more likely that the kid knows the passcode. Hopefully the OP will keep us updated.