I am not saying this particular system is good enough for person-to-person cash. But..
The primary problems that digital cash has to solve is double-spending. Debit/credit cards solve this problem by confirming the transaction with the central server over the internet. Credits cards used to solve this problem by trusting that someone's signature could not be replicated, but this was obviously insecure. Some cryptocurrencies solve this problem by confirming transactions with a public distributed ledger.
This system is solving the double-spend problem preventing the holder of the card from, as per OP,
> cloning (can't read the keys)
> a successful attack on another card (each card has its own keys)
> replay attacks (per-session unique keys are generated in the challenge/response)
So the secure enclave on these cards prevent double-spend.
However, it seems like the card reading machine has to be trusted in the current implementation, because it can extract an arbitrary amount of cash from your card. This prevents arbitrary peer-to-peer transactions. But this seems like a much easier problem to solve.
The primary problems that digital cash has to solve is double-spending. Debit/credit cards solve this problem by confirming the transaction with the central server over the internet. Credits cards used to solve this problem by trusting that someone's signature could not be replicated, but this was obviously insecure. Some cryptocurrencies solve this problem by confirming transactions with a public distributed ledger.
This system is solving the double-spend problem preventing the holder of the card from, as per OP,
> cloning (can't read the keys)
> a successful attack on another card (each card has its own keys)
> replay attacks (per-session unique keys are generated in the challenge/response)
So the secure enclave on these cards prevent double-spend.
However, it seems like the card reading machine has to be trusted in the current implementation, because it can extract an arbitrary amount of cash from your card. This prevents arbitrary peer-to-peer transactions. But this seems like a much easier problem to solve.