Hm, that's a really interesting idea. As more and more phones gain Internet access and the potential to host malware, what would you do? A hypothetical keylogger on your phone may just be able to read your text message. Likewise, it could read one time keys created on the phone. Considering how relatively easy it is and will be to pass malware through phones (i.e. over bluetooth, through the cellular radio, through traditional malware routes, through bugs in the web browser, etc.), you might as well assume your phone to be the same as a public terminal. Can anyone think of any possible solutions to this issue?