Comment Common sense, FTW (Score 4, Informative) 480
Suppose you have a "smart" credit card in the form of one of those "credit card" calculators. Keypad + simple LCD display.
When you use the card, you type a pin/password on the card, which then generates a new single-use credit card number which attaches to your account, encrypts it with your personal key, and sends it off when the card is swiped.
If you lose your card, no one else has access since they don't have your PIN(*). No one can snoop the data since it's encrypted en-route. No one can copy your card since the information never leaves the card and anyway the number is single-use only.
Suppose this same card is in the form of a thumb drive. It identifies as a security token, and will encode and decode on request, but will not under any circumstance let the keys out. All calculations are done on the device, the code is fixed and cannot be changed, and requires a PIN once when the computer boots.
You don't have to worry about viruses or data leaks.
Since it is a thumb drive, you can add public keys with abandon. To do business with any company, you send them a token encoded with your private key and their public key, they send you information using their private key and your public key. The card will require the operator to enter the PIN to store a new corporate key (for convenience). All the public keys for your credit cards, store cards, bank access, &c are stored in one place.
Suppose the device is blue-tooth enabled. Now you don't need to hunt around for a USB port - you can enter your pin and hit "accept" when you want to make a purchase at a store - after the LCD display shows you the purchase price.
If you lose your device you get a new one. Go to the bank, show identification, get a new card with the bank's keys on it. If the bank keeps a backup of your stored corporate keys, they can download the keys along with your new private key at their secure site.
The important bit for all of this is a) the calculations are done on the device not an external computer, and b) storage for multiple corporate keys (visa, MC, Pennys, Wal-Mart, &c) in one device.
This has been obvious for years, it's just one of those cases where the entrenched monopoly has no incentive to fix the problem.
(*) Even assuming a thief can hack the physical card, it takes credit card theft away from "millions of cards were exposed by computer hack" to "lots of work required to hack a single card". And your bank will invalidate your old private key when the new card is issued.