The mental arithmetic is not required, you can just put your PIN. There are also other safe guards so the 10 BTC charge can not happen.
You do understand that that's impossible right? If the terminal is bogus, and the terminal is the only thing that can communicate with the card, then you can't make this secure.
It's not a problem for credit cards, because you can just do a chargeback, but they do have the same vulnerability.