by samwillis 4773 days ago
Yes, if the PIN number is entered into the software running on the phone then that software can easily be changed to log people's PIN numbers.

True, but eventually the hardware PIN has to become a software PIN that will be transmitted. Why is it more difficult to sniff out hardware PINs?
The PIN is only transmitted to the chip embedded in the card. If the PIN matches, the smart card chip authorizes the transaction. So the PIN is never transmitted to the card processor, just the authorization message from the card. They only allow specialized tamper-proof terminals for Chip and PIN cards as that's the only place you could sniff the PIN.