So, currently, many services that use two-factor authentication utilize one’s cellphone to verify the identity of the user. With the rise of smart phones, however, how will this effect the security of this transaction? Smart phones are, in essence, computers (even more so than phones in the past). Does this leave them at risk for malware, much like with traditional computers? Would it be possible for a piece of malware to sit on a smart phone and wait for a message from a service (such as a message with an authentication code)? Would it be possible for the malware to redirect such a message, thus allowing the hacker to not only have a password (gotten from another attack), but also receive the authentication code when he tries to log in? If this is possible, it could pose a serious threat to this style of authentication.