Cryptography behind chip based credit cards (smart cards)?
Exact cryptography depends on the bank. The communication standard (ISO 7816) is flexible and does not mandate specific cryptographic algorithms. In practice, you would find the two following models:
The card does symmetric cryptography only (symmetric encryption, MAC). The card has a static identifier (which contains, roughly speaking, the card number and similar information) which has been signed by the card issuer (a copy of that signature is stored by the card, who sends it to the payment terminal). The card chip contains a secret value which is also known to the bank; that secret is used as a key for a MAC computed over the transaction details.
The card can compute digital signatures. It contains a private key which is known to no other entity (in particular, the issuing bank does not know the private key either). The corresponding public key is certified by the bank, i.e. the bank has signed a package containing that public key and the card ID. That signature is stored on the card, and sent to the payment terminal.
In both cases, the PIN code is sent to the chip, to convince it that its rightful owner is present, and therefore the chip should MAC/sign the transaction details. Main differences between the two models are:
In the second model, the payment terminal can make sure, in an offline way, that it talks to a genuine card, by verifying the bank signature over the card ID and public key, and then the card-computed signature itself, using the card public key and the known transaction details. With the first model, the payment terminal cannot make sure that it talks to a genuine card; through the bank signature over the card ID, the terminal can make sure that a valid card with that specific ID exists, but the card actually inserted in the terminal could be a clone, who spews out random junk instead of the expected MAC.
In the first model, since the bank has a copy of the card secret key, it could theoretically frame the card owner, by computing fake transaction. With the second model, the bank can claim that since it does not own a copy of the card private key, transactions are necessarily genuine. This may matter in a legalistic point of view, in case of litigation between the bank and its customer. This is not an absolute -- we enter here a lawyer-infested battlefield, where mathematics are just an element among others -- but the second model may reduce costs for the bank, through their own insurance system against payment defaults.
Cards which can do asymmetric cryptography are more expensive than cards which can do only symmetric cryptography. The price difference has much reduced; an order of magnitude would be 0.1$ vs 2$ (building price). However, the card market has a huge latency because changes in the protocol can percolate only after cards have expired and payment terminals have been updated (the latter being the slowest of the two).
Ten years ago, all payment cards in France ("Carte Bleue") followed the first model. This meant that a payment terminal, typically offline, could be fooled with a card clone, containing a copy of a valid card ID, but producing only junk instead of the MAC. So in practice, terminals would allow offline mode only for small amounts (say, less than 60$ or so) and even then would require online mode (the terminal asks to be stowed on its charging base, which contains a modem or ethernet plug) on a random basis. In later years, WiFi and 3G allowed terminals to go online much more frequently, in a smooth way (the restaurant waiter can stay with the customer, at his table, for the duration of the operation).
There was also, around 2000, another issue, which was that the signature from the bank (over the card ID) used 320-bit RSA. Factoring a 320-bit modulus is computationally easy. A self-taught engineer called Serge Humpich noticed that, factored the modulus, created a fake card (i.e. not a clone at all, but still accepted by offline payment terminals), and thought himself a genius. He then tried to "sell his expertise" to the group which manages the banking smart card standards in France (anecdote has it that he contacted them through a lawyer, and he selected a blind lawyer so that the man could not describe his facial features, should legal hijinks ensue). The said group thought it was blackmail, and called the police. Humpich was arrested during a demonstration involving a couple subway tickets with a fake card (the dozen innocent bystanders suddenly turned out to be a dozen police officers in plain clothes). The whole story was a conflation of blunders: a 320-bit RSA modulus, in 2000, was certainly a mark of severe incompetence (even when it was chosen, in the late 1980s, it was already too small with regards to known academic cryptanalytic results); and the ludicrously wacky details of Humpich's actions showed that he was quite severely deluded on the novelty of his "findings".
It uses digital signatures.
The secret number stored on the card is a private key. To perform a transaction, the card reader generates a summary of the transaction: date, time, amount, merchant ID, etc. The reader sends this to the card. The card uses its private key to generate a digital signature of the transaction details, and sends this back to the reader. The reader can then use this signature to prove that the card was present. However, the private key is never revealed, so the reader cannot generate any other digital signatures.
The precise protocol is quite complex and has a number of variations (e.g. online/offline operation). It is standardised as ISO/IEC 7816, to ensure that cards and readers from different manufacturers can work with each other. If you're interested in the low-level detail, this Wikipedia article is a good start.