Why we locked Scribr behind your fingerprint

The moment we understood what we'd built

Scribr sits in your pocket. It hears confidential conversations. A therapist's notes. A lawyer's case discussions. A consultant's client strategy calls. A researcher's interview recordings. These aren't memos or emails you can lock in a filing cabinet. They're audio and transcripts living on a device that also holds your calendar, your messages, your banking app.

That therapist's question made us realise something obvious only in hindsight: we'd built a product for conversations that matter. Conversations where privacy isn't a feature request. It's the entire point.

We started asking ourselves hard questions. What if your phone was left on a desk? What if a colleague borrowed it? What if it was stolen? Biometric lock sounds like a security feature. It is. But it's also an acknowledgement: we understand what you're recording, and we're building with that responsibility in mind.

Not bolted on. Built in.

We could have made biometric lock optional. A checkbox in settings. 'Enable fingerprint for Pro users.' Clean. Segmented. Standard.

We didn't.

Every single tier of Scribr. Free, Pro, Team, Enterprise. Biometric lock across the entire app. No exceptions. No upsell messaging. You open Scribr, and your phone asks for your fingerprint or face. That's the default state.

This decision cost us. Engineering time. More iOS permission requests. Deeper integration with system security frameworks. A customer support category we could have skipped. But we made the choice because it felt wrong to offer a scaled-down version of privacy. You don't get 'some security' based on what you pay. You get the same biometric requirement whether you're on the free tier or running a team across five offices.

Building it into every layer meant every line of code assumed: this person's audio matters. Treat it that way.

What people actually wanted to tell us

Once we shipped it, the feedback came fast. Not complaints about friction. The opposite. Users told us they felt safer. A legal professional said it meant she could leave Scribr open on her desk without thinking twice. A student said she could record lectures in the library without worrying about roommates scrolling through her notes. A sales team lead mentioned that his reps trusted the app more once they knew it was locked.

One message stuck with me. A researcher who uses Scribr for sensitive interviews wrote: 'I've used voice recording apps for years. I've never felt comfortable leaving them unattended until now.' That's not about technology. That's about signal. It tells you: this company designed this for what I'm actually doing.

We didn't invent biometric lock. iPhones have had it for years. But the choice to make it non-negotiable, across every tier, every feature, every user story, sends a message. Not 'we have security.' But 'we thought about your situation and we built for it.'

The thing nobody asked about but everyone cared about

Interestingly, biometric lock almost never comes up in sales conversations anymore. It's not a differentiator we pitch. We mention it once, matter-of-factly, and move on. But when we ask users what made them choose Scribr over other tools, it lands somewhere in the top three reasons. Not as a feature. As a feeling.

What we learned is this: people don't talk much about the security choices they appreciate. They talk about the ones that make them feel careless. The absence of friction around something that matters is its own kind of trust. When you don't have to think about whether your app is locked, when it just is, you stop worrying. You start using the product for what it's meant to do: capture your conversations accurately and keep them safe.

That's the whole point.

Building for the conversation, not the feature list

Here's what strikes me now, six months into this: biometric lock is the smallest thing Scribr does. We spent more engineering hours on the transcription engine. On sync. On the action-items widget. But this feature, this one choice to lock the entire app at the system level, defined something about how we think.

We're not trying to be everyone's note-taking app. We're trying to be the app for conversations that need to stay private. For knowledge workers whose job is their mouth and their ears. For people recording things that matter.

That starts with a simple question: can I trust this app with my phone unattended? If the answer is anything less than yes, we've failed.