Credit card online security

Martin Krafft blogs about the "security" in credit card numbers, where you can theoretically pay anything with just a number and a name, which can be just read off of any credit card.

Since fairly recently, this is no longer true. As I discovered last week (when I wanted to renew my grep.be license), banks now have the ability to require that a user is redirected to their site in order to confirm a payment. In my case, this requires me to sign the payment with my digipass. This obviously requires me to have an account for their online banking system, but I don't think it is unreasonable to require an online banking account if you want to be able to do payments online.

This is both good and bad. Good, because it increases security tremendously. Bad, because I'd lost my digipass again, so I couldn't go ahead with the payment

(I have gotten a new one from the bank in the mean time, and just renewed the domain).