A very interesting example from Kim Cameron on the use of InfoCards to send the credit-card number. To make it more interesting and validating the philosophy of InfoCard system being user centric and not PC centric and its extensibility I can give one more scenario regarding payment cards. As I wrote in entries here and here InfoCard sees the security device like Smartcard as a personal security token service (PSTS) which can issue security token in form of SAML assertions and so in the picture the identity provider (bank) can be replaced by the Smartcard (actually the bank issued you the Smartcard as its offline representative). Instead of downloading the one time credit card identity token from the user's bank, the InfoCard system request the Smartcard (PSTS) for SAML assertion (security token) which would contain the credit card number (can be one time valid or static), attributes of user such as name, billing address etc. Of course assertion would be digitally signed (XML signature) & encrypted (XML Encryption or SSL) and would be validated by bank once transaction is sent by the shopping site.
You can appreciate that fact that the sensitive data like credit card number, expiration etc is not on your PC but on Smartcard and you avoid a round trip to Identity provider. Smartcard as PSTS not only enable the transactions on PC but also can be used in Kiosk, ATM etc thanks to its mobility aspect. Automation (no need to type the details on web forms), good user experience and security are achieved in this model.