assuming you can even implement a protocol that doesn't allow the private keys to be leaked, you'll also need some sort of way to prevent unscrupulous merchants from skimming the card using a tampered terminal.

related vid:
http://www.youtube.com/watch?v=JABJlvrZWbY