Barclays also use the Pin Sentry if a client asks to make a payment to a new person/account. The system asks for a new number from the pin sentry when a payment is made.
So although full details of the account could be gained from a Man in the Middle attack, it will still not be possible to siphon off funds as far as I can see.