Well, my point wasn't that the original card is impossible to clone given physical access to the card. My point is that using only radio communication with the chip, it is not possible to clone it. I imagine that NFC stuff and the crypto module are isolated, and the hardware crypto module quite literally has only one command exposed, to generate a response to a challenge. So neither passive (when you hear the challenge and the response) nor active (when you can submit challenges yourself) attacks can give you the required key, even if you can find a bug in NFC that you can exploit.
As for complex protocols. I'm a logician working with proof theory. There have been precedents of full formal verifications of such protocols that, given a set of assumptions about the hardware, can exclude any possibility of a flaw in the protocol itself. Example 1, example 2. It's usually very hard, but can be done, and gives the same rigor as normal mathematical proofs.
Smart card security isn't new. So it's a reasonably mature concept, but it has usability problems in this application.