Just saying things don't make them true and you clearly have no idea what you are talking about.
Its all about protocol, if it is secure it doesn't matter if the terminal is trusted or not - much like Bitcoin client communication.
Ok, let me justify my statement:
1. You have a credit card style terminal.
2. You have a small device with a chip (and no user-facing interface).
3. The terminal is actually built/compromised by an attacker.
4. The terminal shows you a transaction for 0.1 BTC. You press ok, enter your PIN, yadda yadda yadda.
5. The terminal sends your pin, and a transaction for 10 BTC.
How does the card know this isn't valid?
Since you seem genuinely interested there are 3 major safe guards:
1. The card does not know, however it tracks your average spending and will block amounts too much over that normal.
2. The card will convert the charge to say "0004e00" or 4 BTC. It will then substitute the characters like so: "AKGAePO" and send this to the terminal. Since the first and last parts of this are usually the same it will be faily easy for the user to remember that AKG=000 and PO=00. If the terminal were to cheat however the result would be say AKHBePO and by looking at only the first 3 chars the user can tell he is being over charged.
This is called the Vignere cipher and it is faily easy to break - but impossible without some amount of data and a random untrusted terminal only gets to try once.
... or he can just put his PIN and rely on the charge maximum to protect him.
3. If the terminal immediately attempts to charge the card again after having received the PIN it will fail because the card locks itself for a few seconds after each spending. It cannot tell time so the locking works by the terminal polling the card say 1000 times.