In recent years, identity theft has grown to become a very clear and present threat to all users of computer systems. One of the main causes of identity theft is weak authentication. With the recent rise in popularity of smart phones, new techniques for more robustly authenticating users have become practical. This talk will discuss some of these challenges and opportunities and examine current authentication systems on the Android platform. We also present Quire, an extension to the Android Operating System with message provenance tracking, and demonstrate how this can be used to authenticate users to remote services while reducing the exposure to fake applications and credential harvesting applications. Finally, we apply Quire in a prototype mobile micropayment system, and show how we can achieve significant security benefits without incurring untenable performance penalties.