Like many other enterprises, humanitarian organizations are investing in their digital transformation. In this sector, an important effort is put into biometric solutions. The ICRC has been exploring new ways of how they could integrate biometrics into their beneficiary programs, as these technologies could improve the efficacy of assistance as well as permit new ways of helping people across the globe. However, despite the potential advantages, the humanitarian imperative of “Do no harm” must be ensured before any new application or implementation of new technologies is integrated into humanitarian operations. As a means to ensure the individual's privacy, dignity and safety, the ICRC needs to evaluate if biometric authentication systems could lead to any harm to individuals. In this work, we assess the different parts of biometric authentication systems and investigate their potential risks and vulnerabilities. We further evaluate existing biometric security frameworks and extend on them by integrating the distribution of components over functional parties. With our framework we managed to construct three different models for general biometric authentication and assessed their individual functional advantages as well as their sensitivity to external and internal attacks. Though our framework provides evaluation of general systems, we hope our research will provide the ICRC a better foothold in this rapidly expanding field.