I think the conundrum is that such a device uses either a simple UI (like pressing the button), which then is unable to convey to the user which transaction is to be signed off on (the desktop/laptop/phone might be compromised) or the device has its own display and multiple-choice input that'll be too expensive and cumbersome for all to carry around all the time, everywhere.