Essentially it's only valid for a single transaction; the recipient should immediately import the private key into his wallet and sweep the funds to a different address.
And even then you risk the payer (or note creator) knowing about the private key. Any sufficient security seal would add cost and would not help with the creator, so you would have to confirm prior to transaction that the outputs are unspent (and then, as you point out, immediately transfer the coin the heck out of there).
These requirements force the use of an internet-connected device to assist in the transaction (verify the outputs prior to accepting the notes and spending them immediately afterwards).
Why not simply use that internet-connected device to do the transfer itself using Near Field Communication (a lot of (non-Apple) smartphones already have NFC)? Just tap your phone to a payment terminal (or someone else's phone) and enter your "pin".