See http://www.dcita.gov.au/__data/assets/pdf_file/30809/Submission_24-_Lockstep_Consulting.pdf
Extract from the Summary
One of the most important countermeasures against spyware for now and the foreseeable future is Bilateral Authentication, to safeguard against phishing and fraudulent websites (as these are major vectors for the propagation of malware). Lockstep contends that the only truly effective means for bilateral authentication today is smartcard technology. Other commentators, and the US Government, agree that conventional two factor identity devices have major weaknesses in remote authentication over the Internet.
Therefore, Lockstep believes government would do well to foster the use of smartcards as best practice bilateral authentication. Government could do so by implementing smartcards for public servants as the standard means for remote access security. The smartcard reader supply side could be stimulated by government purchasing policy mandating the inclusion of readers in standard builds (as has happened in the US Department of Defence).