Half a solution...
Having a PIN or other electronic security measure is only half the solution. Sure, it makes it more difficult for anyone to carry out transactions without the card itself. But if they have the card?
That's why additional security mechanisms are a good idea. Passwords could potentially be useful, but it was slightly worrying to read on the other thread about the number of people that can't remember a simple password, just because it has two digits in it...
At work, our network passwords have no requirement for digits, but we have to change them every four weeks (well, in reality every 3.5 weeks because problems arise if you wait until the last possible moment...), and you're not allowed to reuse old passwords, so a couple of digits in the password comes in very useful :)
And how would they cope with a system like the university I went to, which placed the additional requirements of it couldn't contain any 3 letter plus dictionary word forwards or backwards (so something like rightsaidfred53 would be disallowed), anything that looked like a telephone number, NI number, DOB, or anything that looked like a numberplate (again, forwards or backwards)...
As for changing the password, at my work we have a series of five security questions required to reset the password yourself - if you forget any of them then it's a call to ICT Services. Of course, in the real world, caller ID could be used as a security mechanism, combined with however many of the security questions you can remember, for them to reset the password on your behalf...
But then, you'd need the banks to prompt you for secure security questions - stuff such as DOB, favourite colour, pet's name, primary school could easily be obtained by a hacker - particularly if you either (a) use a social networking site, or (b) use a job search site (the kind that keeps an electronic CV). So security questions may offer a bit of additional security, but they're nowhere near infallible.
Something like a Citrix keyfob (i.e. a small identification system separate from the card) could be useful - I presume most people keep their purse/wallet and keys in separate pockets.
Then, regardless of what ID methods are used, how about instead of using an iFrame to your bank or Visa, just do a plain old ordinary link. You enter your details in the full knowledge that you are where you think you are, then you click a link to take you back to whence you came, whereupon a few seconds later the bank / Visa lets the retailer's website know via a secure channel that the transaction has been authorised.
Goggles, for (hopefully) obvious reasons...