When your phone is constantly with you, when you're using it to store confidential information (contacts, calendars, messages, call history), when it can be used to purchase goods and services... then doesn't it make a good mechanism for authenticating you?