Given the number of random things we're expected to put our cards into
The banks really ought to devise some sort of method to verify not only that the device is secure (how? that's their problem to figure out) and to assure clients that the device is a real payment device - perhaps by displaying a code word known only to the cardholder and the bank?