Mondex cards currently handle several currencies. The current cards handle up to five. They recognize many more but can store a positive amount for at most five at a time. The Mondex card will not do currency conversion.
An obvious partial counter to the threat of duplicating the card is to mint more than one, perhaps many, currencies. Lets call one of these currencies a series as in when the US mint produces a series of bills. The card would not disclose the breakdown into these series. The Mondex card would convert between currencies to avoid exceeding its storage. The series Id would be retained as Mondex money was transferred between Mondex cards. Alternatively the card could demand to call home when the number of series exceeded the capacity of the card. In this scheme only one or a few of the series would need to be repudiated instead of all of the Mondex money.
When the Mondex card issuer has reason to believe that there is bogus money in some series it can repudiate that series or at least require that that series must be converted to another series under special, non anonymous circumstances. It is not clear how to reach off line cards to inform them of the repudiation. A contagion algorithm might work.
There are many design parameters here. Keeping the design parameters secret gives temporary protection. A further danger it that breaking a card once may not keep it from accepting new a series and corrupting them as fast as they are introduced.
I don’t know whether multiple series is a viable game or business strategy.
There are other issuer strategies such as marking as marking the money as it passes thru cards. This gives extra information to the sleuth but further issuer strategies are not clear to me.
There may be solid strategies that I have not thought of. Mondex can not count in keeping those secret. It would seem better for Mondex and Mondex card issuers, if counter counterfeit strategies were disclosed for review by amateur paranoids before there were billions at stake.
I have thought a few moves ahead. The game is asymmetrical and so one side or the other may have a significant advantage. The payoff, however, is distinctly in favor of the crook.
Tools to break smart cards might come to be like burglar tools. Burglar tools still exist and are in use but they are dangerous to carry around (when the police find you with them). The tools to break smart cards, however, already have legitimate homes in many organizations and need not be carried around. Perhaps it is feasible to lock them up. Incentives, however, don’t work well here. The owner of the tool, who is in a position to lock up the tool, is unlikely to have a direct financial stake. If the tool is abused the tool owner is unlikely to be traced except by tracing the tool user. Such tools are presumably part of certain engineering courses. In such environments it is very hard to monitor usage of the tool.