There is indeed a high-risk way of doing fingerprint scanning - the way Estonia intends to do it for people who want to become its e-citizens. They want to collect everyone's fingerprints and store them in a centralized database. Good luck with that not being stolen. NSA will probably break into it the same same week it goes online.
Having the fingerprints hashes stored in a secure enclave on everyone's devices seems like a much more secure way to deal with fingerprints. The first method is completely unacceptable. The latter is more reasonable.
The NSA certainly already has the fingerprint of everybody they care about, and probably has of everybody else too.
Governments collect fingerprints on several occasions, as do several buildings' security, some mass transit administration, banks, workplaces, and lots of other entities. Also, you live them everywhere anyway.
Having the fingerprints hashes stored in a secure enclave on everyone's devices seems like a much more secure way to deal with fingerprints. The first method is completely unacceptable. The latter is more reasonable.