A system, method and computer program product that utilize biometric
measurements for the authentication of users to enterprise resources. The
system includes a biometric server that stores the engine and collections
of data required by the system to authenticate users. In the present
invention, it is the biometric policies that determine the way or method
in which a user is to be authenticated by the system. The execution of the
biometric policies involves the use of one or more biometric templates.
Biometric devices utilize a scientific technique to identify a user based
on compared measurements of unique personal characteristics. These
measurements, called biometric measurements, may include, but are not
limited to, measurements of finger and hand geometry, retina and facial
images, weight, DNA data, breath, voice, typing stroke and signature. The
biometric policies of the present invention provide flexibility in the
level of protection applied to individual enterprise resources. In an
embodiment of the present invention, a method of storing both biometric
templates and digital certificates in a hierarchical structure allows for
easy access to both. In another embodiment, the system of the present
invention is implemented as a roaming profile server in a certificate
authority system.