chip cards


Can someone explain to me how a really smart hacker hasn’t figured out a way to design a chip for a card like a prepaid Visa that tells the machine reading it that it always has money on it? Sorry if this sounds silly, but the chip cards have information on them; can that information not be hacked or edited? Or can they not have a machine like the bank uses to program your card, but program it to be unlimited?

Thanks.


11 Answers

Anonymous

The card itself doesn’t have money on it. The bank has the money and the card is just a way to prove that you have the authority to transfer that money.

Say you want to transfer $3.50 to Merchant. So you stick your card in their machine and push all the right buttons*. The exchange goes something like this:

machine to your bank: Hey, transfer $3.50 to Merchant.
bank to machine: WTF should I let you take money out of OP’s account?
machine to bank: OP says it’s cool. They have this card (which you issued to them) that says they’re allowed to move money around.
bank to machine: Oh yeah? Prove it. Here’s a long random number. Tell me the correct response number.
narrator: The chip in each card has a unique code that it can combine with the random number to generate a new long and random looking number. The bank also knows that code so they know what you’re “supposed” to get.
machine to bank: Here’s your code.
bank to machine: OK I’ve transferred $3.50 from OP’s account to Merchant’s account.

You can intercept those numbers but they’re so large and random that they’ll never repeat. The code on the card is never transferred; the chip doesn’t have the ability to report the actual code and we don’t have the technology to read the number off the chip. The math also guarantees that (with current computers) there’s no way to calculate the secret code, even if you observe millions of these challenge-response interactions. Quantum computers will be able to do it and that’s the massive weakness in all technologies that use current encryption methods. Quantum computers do enable a totally different (and possibly better) form of encryption but that’s a bit off topic.

*There is a vulnerability here where the card might just be a stolen card. Signatures don’t protect against this well. The protections around this are strictly legal (i.e., you can contest charges, banks can decline credit if they think it looks suspicious, etc.).
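The exchange described in this answer can be modelled in a few lines. This is an added example, not part of the original answer and not the algorithm real payment cards use: HMAC-SHA256 stands in for the card's actual scheme, the `Card`, `Bank` and `pay` names are hypothetical, and binding the amount into the response is an assumption of this model.

```python
import hashlib
import hmac
import secrets

class Card:
    """Chip model: holds a secret key and only ever answers challenges."""
    def __init__(self, account, key):
        self.account = account
        self._key = key  # never sent anywhere; only used inside respond()

    def respond(self, challenge, amount_cents):
        msg = challenge + amount_cents.to_bytes(8, "big")
        return hmac.new(self._key, msg, hashlib.sha256).digest()

class Bank:
    """Issuer model: owns the balances and a copy of every card key."""
    def __init__(self):
        self._keys, self.balances, self._pending = {}, {}, {}

    def issue_card(self, account, balance_cents):
        key = secrets.token_bytes(32)
        self._keys[account] = key
        self.balances[account] = balance_cents
        return Card(account, key)

    def new_challenge(self, account):
        self._pending[account] = secrets.token_bytes(16)  # fresh random number
        return self._pending[account]

    def authorize(self, account, amount_cents, response):
        challenge = self._pending.pop(account, None)  # each challenge is single use
        if challenge is None:
            return "declined: no open challenge"
        msg = challenge + amount_cents.to_bytes(8, "big")
        expected = hmac.new(self._keys[account], msg, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):
            return "declined: bad response"
        # The balance lives here, not on the card: the chip has no say in it.
        if self.balances[account] < amount_cents:
            return "declined: insufficient funds"
        self.balances[account] -= amount_cents
        return "approved"

def pay(bank, card, amount_cents):
    """Terminal's role: relay challenge and response between bank and card."""
    challenge = bank.new_challenge(card.account)
    return bank.authorize(card.account, amount_cents, card.respond(challenge, amount_cents))
```

In this model a captured response is useless against the next challenge, and a card built without the issued key is declined no matter what it claims, because the only thing the bank accepts from the chip is proof that it holds the key.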
