Call it over-the-shoulder data theft. It happened to Donald Malloy on a recent business trip to Las Vegas.

Malloy, business development manager for NagraID Security, used his American Express card to buy some water and snacks at a Las Vegas convenience outlet. The next day he got a phone call from AmEx advising him that someone used his card to make a fraudulent $900 purchase at an online consumer electronics store.

AmEx absolved Malloy of responsibility and issued him another account number. He figures the person behind him in line at the convenience store snapped a camera phone photo of his AmEx card while he was paying for his snacks.

"I thought they were texting," says Malloy. "They probably e-mailed it to some back-end shop who knows where and they started making purchases with that card."

It's another example of how readily free Web services and new mobile devices are being adapted to criminal pursuits.

Too bad AmEx does not yet make available the technology Malloy is pitching on the exhibits floor at the RSA cybersecurity conference in San Francisco this week.

MasterCard and anti-virus giant Symantec this week announced a partnership to introduce payment cards that use NagraID technology to issue a unique six-digit passcode. The code magically appears in a sliver of a window in the upper-right corner of the payment card. The card holder must enter the passcode to authorize any online transactions using the card.

The technology has been available for several years, but is only now catching on. Banks in Poland, Turkey and Taiwan are running pilot programs, using cards that look and feel like any ordinary payment card. MasterCard and Symantec have begun trying to persuade banks in North America to offer such cards to their patrons.

Whether U.S. banks are receptive remains to be seen. "In the past couple years, with the recession, the banking world has not been willing to invest in any new technologies, but that's changing now," says Malloy. "As fraud grows, banks are realizing that they need to come forward and adopt something that's going to help them in the future."

But are U.S. consumers ready to give up convenience and take the extra step to call up and use a unique passcode for every online purchase?

"Some consumers will balk," says Malloy. "I think as banks more and more will want to offer this to their customers to show the extra level of protection. They are actually doing something for their customers and leading the way."