Is the possibility of fingerprint compromisation a problem?
No, provided that the system is soundly laid out. A system’s release of its own fingerprints is not a problem, when for example the application does not receive a fingerprint data set from just anywhere, instead the data can arrive exclusively via the sensor which is secure. Appropriate measures can be added to the sensor to reject mechanical fingerprint copies from a released data set, e.g., through a liveness detection. A personal pass provides a nice example for the possibility of reliable verification even for public biometric characteristics (here the face). It suffices if the personal pass is forgery proof, i.e. forgeries are relatively easy to recognize.