Authentication is a problem currently without a suitable solution.

That is what I think. I have yet to use a system that succeeds on the two criteria required:

1) Secure.

2) Usable.

For the record, I dislike the card readers. My bank issues one where you can check the PIN as many times as you like and it will helpfully tell you whether you got it right or not. OK there are 9999 combinations but I bet some smart person could pull it apart and automate the check getting the PIN within a couple of hours at most. Maybe minutes or even seconds.