Same as with NFC credit cards and similar auth mechanisms. You need hardware and OS-backed encryption that is tamper-proof.