A number of security bloggers have picked up Tim Bass's recent post on the innovative payment mechanism now available in Thailand. Tim calls it The Magical ATM Card and SMS Message.
The mechanism appears to be an instantiation of a Fraud Free Payment for Internet Purchases, which is the subject of several international patent applications on behalf of an inventor based in Beijing.
For further explanation of how the Thai system works, see these Book and Pay instructions from Thai airline NokAir.
This is obviously an interesting development for e-commerce security. From an SOA perspective, it is also interesting as an example of decoupling the payment mechanism through a series of stand-alone payment services, which can be invoked by the Thai airline's ticketing system, thanks to an innovative payment platform provided by the Thai bank in collaboration with the Thai mobile phone company. Meanwhile, the ATM becomes a general-purpose multi-function kiosk, thus possibly restoring (at least for a short while) its potential to provide some kind of competitive advantage.
I wonder how long it is going to take for banks in other countries to sit up and pay attention?