If I understand things correctly, the major point with one-time PAN-codes is that they should limit fraud performed by merchants.
It seems that one-time PAN-codes could also be used to more or less anonymize the customers with respect to the merchant. This though requires that the payment scheme is on-line based like 3D Secure rather than using static schemes like HW tokens. Comments?
