by shshhdhs 3518 days ago
Didn't NIST just say two factor via mobile is a "bad idea"? Have Norway or Estonia responded?

EDIT: Thank you, whoever downvoted an honest question that added to the discussion.

2 comments

The bad idea is being sent a (potentially interceptable) SMS with a code.

The Estonian method is described as using a private key present on the SIM card, just like a normal smart card used for authenticating/signing.

That's how every bank I know in Australia, at least 2 US banks and 4 European banks do it. Transfer (sometimes login too) → Code over SMS.

Besides, pretty much all banks simply use 2 or 3 factor authentication as an anticompetitive tactic (half the businesses in most countries pay the banks 2-300$ per month just for scheduled download of transactions).

I think that was for SMS, not specifically mobile.