Comment Some accurate information (Score 1) 229
The article summary is dreadfully inaccurate and most of the comments are likewise inaccurate.
EMV does not support end-to-end card to issuer, or issuer to card encryption. The PCI data security standards (separate to EMV) do provide for point to point encryption, but that's not end to end encryption. EMV does nothing to ensure that "card data cannot be captured" (actually, it's quite easy to capture it; even the PIN can be transmitted in the clear in certain card simple card configurations; more complex card configs use enciphered PIN's). EMV does support three security levels (SDA, DDA, CDA) and only with SDA is it possible to clone publicly-accessible card data onto another card. Cards supporting DDA and CDA (SDA is deprecated in many countries outside the US) require more terminal processing and the data on the card cannot be cloned to another card.
EMV does provide what's effectively a DES-based transaction hash using a card-unique key which the card generates (to hash the transaction details) and which the terminal then sends to the cardholder bank which first tries to authenticate the hash, before checking if the rest of the transaction is good to go. And if all's good, the cardholder bank then generates a response hash which authenticates the transaction response back to the card. That stops man-in-the-middle attacks. Cards also use a sequential transaction serial number (ATC) to stop replay attacks. The card's unique key used to hash request and response data cannot be accessed and is one of three different keys used to hash different classes of request and response data.
There's a lot more there and most of it is publicly available from books one to four of the EMV standards, freely available from http://www.emvco.com/