What about bad actors which swipe the phone, and it’s behind the biometric lock? Too many failed attempts may or may not be a sign of it not working well, so if it bases part of it on the failed attempts, it would lower the chances of being further protected. I know they would ask for the pattern/pin or password to re-enroll the biometric, but let’s assume that’s already known, then game over.
I only use a Windows VM For our ancient (in computer terms) Canon LIDE 60 scanner which seems to work best there (linux produces highly grey contrasted scans).
For all of our scanned documents from the scanner, I have it mapped to a network drive via Samba Shares. Since you are using Fedora, I think you may already have Cockpit installed. This makes it a lot easier and is a web gui to manage servers. You can usually access it on your Desktop via https://localhost.9090 Then you would need to install 45 Drives File Sharing plugin and setup a SAMBA share.
From the Windows VM, just map to the same workgroup you set in the SAMBA Share you created and give it a drive ID such as F: