I think the time is long overdue for the entire credit industry to transition to two factor authentication for ALL transactions.
Every ATM and point of sale terminal should require your PIN, a password, and a biometric scan. (Fingerprint swipe or something)
Online transactions should require a PIN and an alternate password created for use only where a biometric scan is not available.
Granted, it would make using your card a couple of seconds slower, but it would make fraudulent use of your card a LOT harder.
Additionally, the account should also include a lockdown password or PIN, which if used, instantly suspends the account and
prevents any further usage of that account. The account owner would use this if being forced under duress to access his account,
or if he has any reason to wish to shut down the account immediately as a safety precaution.
CJ