As you can see in the diagram here, the algorithm combines your name and secret using what's called a key derivation function. You can think of this akin to a hash, but instead of making a large thing represented by a small fingerprint, it does the reverse: it takes a small input set and derives a long cryptographic key from it. The result is your personal user key. This token represents your full identity in the Spectre universe.
When you enable biometrics, you've correctly surmised that we cannot perform this operation since the user is not giving us the secret component of the function. Instead, when you enable biometrics, the device places your user key in the device's keychain where it is encrypted and protected by its hardware element (on iPhone, this is the Secure Enclave).
As such, the biometrics feature does store your user key on the device in order to unlock your user without the user's personal secret. It's effectively a trade-off between convenience and security that employs all of the hardware encryption available to prevent unauthorized recovery of the token.
Naturally, unlike a traditional vault-style encryption, it remains so that if you lose your encrypted state, you can recreate it at any point.
It is for these reason that for people who are extremely vigilant, if transitioning through a space where your physical security could be compromised (eg. border crossings), I recommend turning off biometrics and temporarily changing your user's personal secret.