Aren't those things organised the same way Apple face id is organised where the app itself can't get the biometric information, they just get a yes or no? That would be stupid as hell.

In Finland the government has allowed banks to offer (2fa) identification services to those that are using their services. If I sign into a government site using my banking ID, the bank gets paid for providing the service. To my understanding none of my actual ID information is transferred to a party wanting to identify me.

The Linkedin 'validate your identity' was the first time i was asked to actually take a picture of my passport/scan the chip. I'll refuse until they'll allow me to identify with my banking ID.