In Scandinavia, usually just by showing the "payment sent" screen to the merchant. The merchant can check their own device for the notification if they want confirmation.
For most situations, spoofing a sent-screen that usually displays the vendor or persons name, is not too easy to do in the heat of the moment, without preparation, so it's not really been a problem yet.
The annoying background video shows it: http://mobilepay.dk/da-dk/Pages/mobilepay.aspx