A case for multiple fraud protection systems

This simple story and the rebuttals from the UK banks serve to validate the need to implement a suite of fraud systems, from software-based pattern recognition through to chip cards. This story is a clear example of why banks need to implement PassMark/Digital Envoy type solutions to provide customer recognition in support of chip, and not rely solely on chip for online authentication.

Update: Dave Birch provided an update in the comments, which I support, regarding online authentication:

"This is incorrect. If you use even an SDA card for online authentication (eg, using token authentication) then the authenticating host will spot the clone."

Bank chiefs defend Chip and Pin security | 24dash.com – Bill Payments

The experts, who spoke to the Daily Mail newspaper, claimed the problem could have been avoided if banks had opted for the more expensive Dynamic Data Authentication (DDA) system in cards, which is used abroad, rather than the cheaper Static Data Authentication (SDA) which is widely used in the UK. A card terminal can tell if a cloned DDA card is being used even if it is offline, but it can only tell if an SDA one is being used if it is online.

But payment body Apacs, which represents the banking industry, said that while it was true that most banks used SDA technology, they were not reliant on the technology in the chip to spot a fraudulent card.

Apacs spokeswoman Jemma Jones said: "The system is set up to spot cloned cards.

"80% of transactions in this country are online, so there is a high chance it would get caught out."

She said that even if someone had managed to clone a chip and pin card, they would still need to have the cardholder's pin to use it.
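
The offline difference between SDA and DDA described in the quoted article, as an added example that is not part of the original post or the article. It is a simplified Python model: toy textbook RSA built from constructed primes stands in for the real EMV certificate formats, and the names `Card`, `issue`, `sda_offline_ok` and `dda_offline_ok` are hypothetical.

```python
import hashlib
import secrets

def keygen(p, q, e=65537):
    """Textbook RSA from two constructed Mersenne primes (toy, not secure)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    n, d = priv
    return pow(digest(data, n), d, n)

def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == digest(data, n)

ISSUER_PUB, ISSUER_PRIV = keygen(2**61 - 1, 2**89 - 1)

class Card:
    """public = everything a reader can copy; the private key stays in a genuine chip."""
    def __init__(self, public, card_priv=None):
        self.public, self._priv = public, card_priv

    def respond(self, challenge):
        return sign(self._priv, challenge) if self._priv else None

def issue(static_data):
    card_pub, card_priv = keygen(2**107 - 1, 2**127 - 1)
    public = {
        "static": static_data,
        "sda_sig": sign(ISSUER_PRIV, static_data),  # fixed at issuance
        "card_pub": card_pub,
        "card_cert": sign(ISSUER_PRIV, repr(card_pub).encode()),
    }
    return Card(public, card_priv)

def sda_offline_ok(card):
    # Static check: the same signed bytes are presented on every transaction.
    return verify(ISSUER_PUB, card.public["static"], card.public["sda_sig"])

def dda_offline_ok(card):
    pub = card.public
    if not verify(ISSUER_PUB, repr(pub["card_pub"]).encode(), pub["card_cert"]):
        return False
    challenge = secrets.token_bytes(8)  # fresh per transaction
    sig = card.respond(challenge)
    return sig is not None and verify(pub["card_pub"], challenge, sig)

genuine = issue(b"PAN=0000000000000000;EXP=0000")  # constructed sample data
copy = Card(dict(genuine.public))  # readable data only, no private key
```

In this model the static check accepts both `genuine` and `copy`, while the challenge-response check accepts only `genuine`, which is why an SDA-only terminal needs the online issuer check to tell them apart.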


2 thoughts on “A case for multiple fraud protection systems”

  1. “She said that even if someone had managed to clone a chip and pin card, they would still need to have the cardholder’s pin to use it.”

    This is incorrect. The whole point of the cloned SDA cards is that you can put any PIN into them and they will give back a positive verification.

  2. “Banks need to implement PassMark/ Digital Envoy type solutions to provide customer recognition in support of chip, and not rely solely on chip for online authentication.”

    This is incorrect. If you use even an SDA card for online authentication (eg, using token authentication) then the authenticating host will spot the clone.

  3. Thanks for the clarification. The broader issue that worries me is that the messages to consumers, although misleading, are in fact creating the impression that in certain situations, cards can be compromised. I take your point that that is not the case with online authentication as outlined in your comment, and I will provide an update in the post.
