I presume the security method is similar to being able to use Apple Watch for Apple Pay.

The Apple watch requires your Watch password or your Touch ID fingerprint on the associated iPhone before it will do Apple Pay. And the watch must be and remain in contact with your skin the entire time or the watch will immediately lock and re-require the password or Touch ID on the iPhone.

My understanding is that the Apple Watch as implemented on Apple Pay meets the technical security requirements of the payments industry, and is certainly more secure than the US only implementation of chip on card without PIN. It is even more secure than chip+PIN, as I understand it.

The Watch to unlock Mac method I would expect a similar approach. It was mentioned that the time of flight latency of the radio handshake is measured to disallow a watch that is too far away to unlock the Mac even if it was the correct watch for unlocking.