Comment Why not add some security (Score 1) 239
If they are doing all of this, and a main issue begging to be solved is credit card number theft, why not just add one simple layer of security? Have the security 3-4 digit PIN on the card change every 5 minutes or so? Similar to how SecureID works. If the ID given does not match the current, previous, or next one on the credit card computer the transaction fails. I would also make the security pin longer to prevent random guesses from working. Add an exponentially increasing lock-out period for failed attempts (and maybe send an email and/or phone message warning after a couple fails) and that should do the trick.