There's nothing wrong with the smart card system and the crypto protocols developed around them. The problem is that the applications that have been bodged onto the smart card since it was invented (in the 70s) have all been garbage. The banks and payment networks just aren't qualified to implement these things, and they don't have any reason to because they've managed to externalize the cost of fraud onto the individual customers and the merchants.
Sorry, but in this case we have a POS terminal accepting a fraudulent PIN because the card device, which could have cryptographically signed that validation, did not because the protocol didn't require it.
That's a fundamentally broken protocol. The hardware capability was there to do this securely, the software design messed up.
Unless what you're saying is that the PIN itself is an "application", in which case your point seems sorta specious. OK, so the application has a broken protocol which invalidates the whole idea of "Chip & PIN" authentication.
I think we agree. This is a broken application, built upon a sound technology. The card is perfectly capable of signing the transaction, and will only do so if the correct PIN is entered (smart cards can also be programmed to disable themselves after a number of incorrect PIN attempts). However the banks either don't know how to, or do not want to, run a public-key cryptosystem, so they don't ask the card to sign.
