Cough Cough
http://www.bbc.co.uk/blogs/newsnight/susanwatts/2010/02/new_flaws_in_chip_and_pin_syst.html
But they dont really need to know the pin for stolen cards (see above)... plus as for its very hard to clone chip and pin.. you dont need to, just clone the mag strip, make the pin unreadable... super glue over one of the chip contacts or what ever and your given the option to complete the sale through swipe and sign in most places!
As for NFC...
https://www.youtube.com/watch?v=Otg3RWkggSw
https://www.youtube.com/watch?v=vmajlKJlT3U
http://www.youtube.com/watch?v=BR-JXDdzCko
https://www.youtube.com/watch?v=VWIzW0rRw_s
https://www.youtube.com/watch?v=cs4I-hURT7A
As for the people moaning about no one has given any good alternatives... why cant we just go multi factor authentication of some form, using something like:
http://1.bp.blogspot.com/-2sAzS2m6mas/TWKcDxPkrsI/AAAAAAAAAAU/_ewdqaZ91Fg/s1600/PayPalDual.jpg
(i know cards are coming with this built in)
So you have your pin (you know), your card (you have) and a time generated code (one time auth).
So if your going to have to type in say a 6 digit code first (a one time code) and then your pin number... the issue with this is your trading off convenience for security... so thats not likely to happen.
What would be far better would be for a one time code to be generated and transmitted by rfid or displayed as a qr code (and scanned optically) or transmitted through the chip interface and then the normal chip and pin process would take place once the first one time auth had completed... thus keeping a system that close to normal chip and pin... remove the magnetic strip full stop and remove the signature.
This means no more cloned cards, no more chip/pin (first video) spoofing, skimming no longer works...
Just an idea..