> still not 100% foolproof because the card itself doesn't have a display and Allow/Deny button.

I'm assuming you are thinking about an attack where a compromised terminal processes an attacker-issued transaction (relayed from elsewhere) instead of the genuine one.
It seems like a solution to this would be for the card to issue a challenge to the reader and only provide a very short timeframe to answer, so that relaying it elsewhere is impossible due to speed of light and all that.
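The timed challenge suggested in the comment above is known as distance bounding. The following simulation is an added example, not part of the original comment: the card runs timed one-bit challenge rounds and rejects any reply that is wrong or late. The shared key, the `Reader` class, the 10 ns budget and the 2 ns processing time are assumptions chosen for illustration, and round-trip times are computed rather than measured.

```python
import hashlib
import hmac
import secrets

C_M_PER_NS = 0.299792458  # speed of light in metres per nanosecond

def registers(key, nonce_card, nonce_reader, rounds):
    """Both sides derive two bit registers from the shared key and fresh nonces."""
    seed = hmac.new(key, nonce_card + nonce_reader, hashlib.sha256).digest()
    bits = [b & 1 for b in hashlib.shake_256(seed).digest(2 * rounds)]
    return bits[:rounds], bits[rounds:]

class Reader:
    """Simulated responder (hypothetical): holds a key, sits distance_m from the card."""
    def __init__(self, key, distance_m, processing_ns=2.0):
        self.key, self.distance_m, self.processing_ns = key, distance_m, processing_ns

    def setup(self, nonce_card, rounds):
        self.nonce = secrets.token_bytes(16)
        self.r0, self.r1 = registers(self.key, nonce_card, self.nonce, rounds)
        return self.nonce

    def answer(self, i, challenge_bit):
        # Simulated round trip: propagation out and back plus processing.
        rtt_ns = 2 * self.distance_m / C_M_PER_NS + self.processing_ns
        return (self.r1 if challenge_bit else self.r0)[i], rtt_ns

def max_distance_m(budget_ns, processing_ns):
    """Farthest a responder can be and still answer inside the budget."""
    return max(0.0, (budget_ns - processing_ns) * C_M_PER_NS / 2)

def card_accepts(card_key, reader, budget_ns=10.0, rounds=64):
    """Card side: timed one-bit rounds; reject a wrong bit or a late reply."""
    nonce_card = secrets.token_bytes(16)
    nonce_reader = reader.setup(nonce_card, rounds)  # untimed setup phase
    r0, r1 = registers(card_key, nonce_card, nonce_reader, rounds)
    for i in range(rounds):
        c = secrets.randbits(1)
        bit, rtt_ns = reader.answer(i, c)
        if rtt_ns > budget_ns or bit != (r1 if c else r0)[i]:
            return False
    return True

KEY = secrets.token_bytes(32)  # constructed shared key (assumption)
if __name__ == "__main__":
    print(card_accepts(KEY, Reader(KEY, 0.05)))      # genuine reader at 5 cm
    print(card_accepts(KEY, Reader(KEY, 30_000.0)))  # same key, relayed over 30 km
    print(max_distance_m(10.0, 2.0))                 # metres allowed by a 10 ns budget
```

The bound is only as tight as the timing budget: `max_distance_m(5002.0, 2.0)` shows that 5 µs of slack already admits a responder roughly 750 m away, so the check depends on the card timing replies at nanosecond resolution.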