Sunday, June 29, 2008

Can Credit Card Use be Made Safer?

I love the convenience of shopping with a credit card, but I hate the fact that stores, online as well as brick-and-mortar ones, store so much personal information, especially credit card numbers. Do an Internet search for "credit card compromise" and some mind-boggling information comes up. Here is a sample: 120 million accounts compromised last year!

Credit cards are authorized at the time of purchase, so there should be no need to store the card number for later use. For online shopping, there is some convenience in not re-entering the information with every purchase, but the cost is very high if the merchant's database is compromised.

The design of the whole online shopping process is flawed. Perhaps the process could be designed differently, with a much higher level of security. A couple of ways it could be done:

Firstly, Internet payment service providers store credit card information and act as a gateway for all Internet transactions. This is much better than thousands of online retailers, each of which stores credit cards. Service providers will probably number in the single digits, so there are fewer places where card information is stored. This model works reasonably successfully in the physical world with credit card issuers such as Visa, MasterCard and Amex. It could have been made to work on the Internet. Incidentally, there are services which try to do exactly that: PayPal, Google Checkout and Amazon Payments. These services are popular for transactions where the parties don't trust each other. When it comes to online shopping, almost everyone trusts online stores implicitly, and most online stores don't use these services. Ideally, online services should have outsourced the handling of customer information that is not required after the transaction is over.

Secondly, online shopping systems could have been designed with a client-side application, installed on the user's computer, that stored the credit card numbers and validated them every time a purchase is made. There is really no need for the merchant to store the credit card information as long as the credit card authority authorizes the payment. This way the number of credit card compromises could have been reduced drastically. If a customer's machine is compromised, it potentially gives away information about the credit cards stored on that machine, which surely won't number in the thousands or hundreds of thousands, as is typically the case for compromises of a merchant's database. It also provides the convenience that the user does not need to enter the information for every purchase. In fact, it would be simpler than the existing paradigm: the existing paradigm requires entry of credit card information for each online store, whereas with a client-side application the entry needs to be done only once for the lifetime of the card. I know why it did not happen this way: the self-interest of the merchants and system designers. They made their life easier at the expense of end users.
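The first approach above (a gateway keeps the card, the merchant keeps only a reference), as an added example that is not part of the original post. The `Gateway` class, the merchant IDs and the idea of binding each reference to one merchant are assumptions made for illustration; the card number is a standard test number. The scan shows what a dump of each merchant database would expose.

```python
import re
import secrets

def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def find_pans(records):
    """Return card-number-like values (13-19 digits, Luhn-valid) in stored records."""
    hits = []
    for rec in records:
        for value in rec.values():
            hits += [m for m in re.findall(r"\b\d{13,19}\b", str(value)) if luhn_ok(m)]
    return hits

class Gateway:
    """Hypothetical payment service: the only party that keeps card numbers."""
    def __init__(self):
        self._vault = {}  # token -> (merchant_id, card number)

    def enroll(self, merchant_id, pan):
        if not luhn_ok(pan):
            raise ValueError("invalid card number")
        token = "tok_" + secrets.token_hex(16)  # random, carries no card data
        self._vault[token] = (merchant_id, pan)
        return token

    def authorize(self, merchant_id, token, amount_cents):
        entry = self._vault.get(token)
        # Assumption: a token is bound to one merchant, so a copy stolen
        # from that merchant's database cannot be replayed elsewhere.
        return entry is not None and entry[0] == merchant_id and amount_cents > 0

def demo():
    pan = "4111111111111111"  # constructed sample: widely used test number
    legacy_db = [{"customer": "alice", "card": pan, "order": 1001}]
    gw = Gateway()
    token = gw.enroll("shop-a", pan)
    gateway_db = [{"customer": "alice", "card_ref": token, "order": 1001}]
    return {
        "legacy_exposed": find_pans(legacy_db),
        "gateway_exposed": find_pans(gateway_db),
        "own_merchant_ok": gw.authorize("shop-a", token, 2599),
        "other_merchant_ok": gw.authorize("shop-b", token, 2599),
    }

if __name__ == "__main__":
    print(demo())
```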
