MUCH more simple: Establish a semaphore system that only allows one login per card. You insert a card, and the system IMMEDIATELY goes to a lock file (and the time of PIN entry would be enough) and allows only that insertion to proceed. Even if other cloned cards pass PIN, the lock file would prevent any more transactions.
Easier said than done.
You have the variety of manufacturers (NCR, Diebold Nixdorf, Nautilus Hyosung et al), machines at differing maintenance levels, banks (too many to count), geographic areas, and network conditions.
At the very least, you’d have to remotely set that semaphore server-side and have some sort of agreement between all the moving parts.
tl;dr: It’s not an easy job.