It’s common, it’s probably just that there’s an active community here!
No, cloning the card chip is virtually impossible. The card will not, under any circumstances, reveal the keys that would be needed to make a working clone.
There’s a few things that can happen however:
- The magnetic stripe can be cloned and fallback can be forced.
- The magnetic stripe can be cloned and used at a non-EMV merchant.
- A pre-play attack contactless magstripe transaction can be performed and replayed.
- The details from the card can be used in a CNP (card not present) environment, which may occasionally not even require the CVC2 and thus details from the magstripe or chip can be used (the point of the CVC2 is that it isn’t on the magstripe or chip).
- Authorisation system weaknesses can be exploited if the issuer doesn’t do proper checks of the EMV data.
- The chips can be stolen out of the card.
- The magnetic stripe may be presented to a terminal as a contactless magstripe transaction, which might get approved due to poor formatting and tolerance for such of authorisation messages. I’ve seen this demoed and don’t know how feasible it still is, but I suspect it would work in at least some cases.
So no, don’t worry, the chip isn’t being copied, doing so is essentially impossible.
No, it just doesn’t… there has never been one proven case of an EMV card being cloned. The magstripe is easily cloned, but that alone shouldn’t get a thief far post-EMV migration (notes above what it can accomplish - fallback fraud and fraud at non-EMV merchants).