You could steal that device the same way you could steal a plastic card. The intelligence inherent in that device allows for a lot of protection, though. That device itself can be locked down from a password. The payment app that you would actually be utilizing to make a payment can also be locked down.
When we talk about putting credentials under secure elements in the cloud—and we're starting with payment today, and it might include licences and passport details tomorrow—everybody can acutely recall, maybe, losing their wallet and having to make the 15 phone calls. In the instance that those are digitally provisioned on a phone, it's one call and they're all shut down, and then all reprovisioned. That's a really powerful thing for consumers.