Actually that depens highly of the bank that you're using. Mine is finnish bank and they use strong (3 level) recognizing. After you have accepted the payment, you have this popup. There you have to give your static username, your current password and then it will give you a OTP query and that comes from the bank.
Making it safer than this, takes us back to paper forms.
The problem is that it's not actually any safer. All it does is open you up for getting even more personal data stolen by eg a keylogger or a man in the middle attack, as well as make the common user accustomed to giving out massive amount of information on the net, which could lead to more people falling for phishing scams.
There was in fact a scam a few months back of the more basic variety with emails and scamsites claiming to be from "Verified by Visa". People will be more likely to fall for those now.
No - the ONLY benefit is to the banks who will now have no responsibility for ANY misuse of your account. Since you have to use a personal password they can now pin all the responsibility on you for not being careful enough with it, and you will pay every cent that the scam costs you.
The fact that they try to sell this as beneficial to the customers is - to be honest - outrageous.