Why we built biometric lock into every layer of Scribr

Three weeks after launch, a therapist emailed us. She'd been using Scribr to transcribe sessions with her phone on the desk. One morning, a patient noticed the app sitting unlocked on her desk during a break. She didn't access anything. But the therapist's message was clear: "I need to know that if my phone ends up in someone else's hands, those notes stay locked." That email changed how we thought about security.

The moment we realised passwords weren't enough

When you're building an app for therapists, lawyers, consultants, and journalists, you're not building for people who lock their phones and forget about it. You're building for people whose work is conversation. Sensitive conversation. The kind where one unlocked screen is one too many. We could have left it to the device lock. Most apps do. But we kept hearing the same worry in user interviews: what if someone borrows my phone? What if I leave it on the table at a coffee shop? My phone might unlock with Face ID for someone's face, or they might guess my code. The question wasn't whether Scribr needed a lock. It was where. We decided it had to live everywhere in the app. Not just on the note itself. Not just on the summary. Every single screen. Every single tap. That's biometric lock app-wide.

How it actually works, and why we chose biometric over password

When you open Scribr, you see your recent calls and notes. If you haven't authenticated with Face ID or Touch ID in the last session, the app prompts you. No password field. No PIN entry. Just your fingerprint or face. Once you're in, you stay in. You can move between your transcripts, your summaries, your action items, your vault. Everything unlocked. The moment you close the app or your phone locks, the session ends. Next time you open Scribr, you authenticate again. We chose biometric because passwords are a lie we tell ourselves. People reuse them. They write them down. They share them. A fingerprint or face is something you can't accidentally leave in a notebook or text to a colleague. It's also fast. A lawyer reviewing three transcripts in a morning doesn't want to type a password six times. She wants to pick up her phone, touch the sensor, and see her notes. Biometric also means we never store your actual credentials in a way that could be breached. We store a reference to your device's biometric data, which lives in the phone's secure enclave. Even we can't see it.
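The session behaviour described above can be expressed with Apple's LocalAuthentication framework. This is an added example, not Scribr's code; the class name `BiometricSessionGate`, the prompt string and the choice of lifecycle notifications are assumptions.

```swift
import LocalAuthentication
import UIKit

/// Hypothetical app-wide gate: screens render content only while `isUnlocked` is true.
final class BiometricSessionGate {
    private(set) var isUnlocked = false
    private var observers: [NSObjectProtocol] = []

    init() {
        // End the session when the app leaves the foreground or the device locks.
        let names: [Notification.Name] = [
            UIApplication.didEnterBackgroundNotification,
            UIApplication.protectedDataWillBecomeUnavailableNotification,
        ]
        for name in names {
            let token = NotificationCenter.default.addObserver(
                forName: name, object: nil, queue: .main
            ) { [weak self] _ in
                self?.isUnlocked = false
            }
            observers.append(token)
        }
    }

    deinit {
        observers.forEach { NotificationCenter.default.removeObserver($0) }
    }

    /// Prompts for Face ID / Touch ID only; there is no password or PIN path.
    func unlock(completion: @escaping (Bool) -> Void) {
        if isUnlocked { completion(true); return }
        let context = LAContext()              // fresh context, so no earlier success is reused
        context.localizedFallbackTitle = ""    // hides the passcode fallback button
        var error: NSError?
        guard context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics,
                                        error: &error) else {
            completion(false)                  // fail closed: biometrics unavailable or not enrolled
            return
        }
        context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics,
                               localizedReason: "Unlock your notes") { [weak self] success, _ in
            DispatchQueue.main.async {         // the reply arrives on a private queue
                self?.isUnlocked = success
                completion(success)
            }
        }
    }
}
```

A gate like this controls only what the interface shows; it does not encrypt stored notes, which on this page is the job of Vault Mode.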

Why this matters more than you might think

Here's the thing about privacy features: they're only useful if they actually get used. We could have made biometric lock an option you toggle in Settings. Plenty of apps do. But we knew that in the rush of a working day, people skip optional security. A sales rep records a call, listens back while waiting for a meeting, sets the phone down. A student records a lecture, asks a classmate to look something up on the phone. A researcher records an interview, leaves the device on a desk. All of those moments are the ones that matter. So we made biometric lock non-negotiable. It's not a feature you turn on. It's how Scribr works. It's there on Free tier. It's there on Pro. It's there on Team. It's there on Enterprise. You don't get to choose to be less secure. The first time a user sees the Face ID prompt when they open Scribr, it takes a beat. They realise: this app is treating my data differently. This app isn't assuming my phone is secure enough. And they almost always tell us later that they liked it.

The vault is encrypted, but the lock comes first

We know some of our users will upgrade to Pro and choose Vault Mode, which encrypts notes with AES-GCM. That's for the paranoid and the professional. It's for the lawyer who wants end-to-end encryption on top of everything else. But Vault Mode is optional. Biometric lock is not. Because the reality is that most people will never need military-grade encryption. What they need is a reasonable barrier between their private meetings and someone else's curiosity. That barrier is you, proving who you are, every time. That therapist who emailed us? She's still using Scribr. She uses Free tier, on-device transcription only. Every time she picks up her phone, it asks for her fingerprint. It takes two seconds. She told us recently it's become a ritual. A small moment of control over something that feels fragile and important. That's not marketing language. That's a person doing sensitive work and feeling like the tool respects that.

What we learned about security that has nothing to do with codes

Building Scribr has taught us that security isn't one thing. It's not encryption or biometric or vault or server-side logging. It's all of them working together, but it's also something simpler. Security is showing people that you've thought about the moment they're actually in. Not the theoretical moment where an attacker with a supercomputer breaks your encryption. The moment where a colleague reaches for your unlocked phone. The moment where you realise you left your device on a table. That's why the biometric lock prompt isn't an annoyance to us. It's proof that we're thinking about what you actually need. It's a small friction that buys you back control. If you're building something that touches conversations, the work of thinking, the private things that happen in meetings, you can't treat security like an afterthought. You can't leave it to the device. You have to build it into the app itself. You have to make it so normal, so constant, that it becomes invisible. That's what we tried to do.

If you record your work, if your meetings are private, if you've ever felt that small spike of anxiety handing your phone to someone: what do you actually need from an app to feel like your conversations are yours?
