If you can install an overlay between the keys and the actual circuit board, you can easily capture the PIN and launch a replay attack.
A much better way is to have a portable wallet that "pays" a merchant by transferring a signed tx, which the merchant can verify and broadcast.
I'm not even going to ask what you thought it was we were discussing. Some of you need to do some basic research before posting in this thread. Or at the very least, read what others post.
I've tried to follow this thread, but it meanders a bit.
Is the basic idea under discussion having a wallet-only client running in a small hardware device that can interact with POS terminals?
Most of the smartcards that I've seen are just (tiny) general-purpose CPUs embedded in a card, usually with a small ROM containing a secret key. This is not a useful model for bitcoin. For bitcoin, you need the secrets in RAM (flash, etc.) because you need to be able to add new secrets. You also need to make sure that you don't ever let the device communicate with a hostile device using the same physical pins that can be used to reprogram or dump it.
You, for instance, don't have a clue.