I did some research and found the Android 6.0 Compatibility Definition Document.
This was stated under the Fingerprint Sensor section:
Device implementations with a secure lock screen SHOULD include a fingerprint sensor. If a device
implementation includes a fingerprint sensor and has a corresponding API for third-party developers,
MUST rate limit attempts for at least 30 seconds after 5 false trials for fingerprint
So.. I guess there’s no workaround for this at the moment.