The chip is authenticated with a public/private key challenge/response. The private key is never sent to the ATM; the chip actually runs a very small program/system that can generate the correct response to the challenge using its private key. The chip is powered by the contact with the ATM.