There is no reason we cannot have credit card like things that do not pass plain text authorization. I believe some places have already switched to useing smart cards which leverage cryptography to proved identification without revealing the secret. I'm not sure exactly what crypto is used in practice, but as a proof of concept you can imagine this being done with normal public key chryptography.
The only reason is that credit card companies haven't implemented such a system.
I'm actually shocked that we've been able to use our current pull payments system for so long without more problems than we've currently seen.
One innovation I did like (which I only saw when I was using Bank of America) was a feature that allowed you to create new, internet-only, credit card numbers on the fly with a self-chosen credit limit that was tied to your checking account. I would have loved to see this implemented in a physical card so that you could just use a different cc# for each separate transaction and only authorize it (in perpetuity) for the exact amount of the transaction.
