Developmental informatics hacker
I’m no expert in the matter however this is what I understand from it.
Chips like the one in your debit card are fully fledged computers and do run software. When you plug it into something it receives power and interfaces with the other system. That’s why it is secure, because like a pc it can use encryption etc.
Come to think of it, they must also be able to run with the low power provided by near field transmission, aka contactless payment.
Anyhoots the same kinda chip is on a simcard.
As far as I understand it they run a more limited version of Java, has full access to your hardware including being able to read all memory, and being updatable remotely.
You might also be interested to know that modern hardware commonly has such secondary computers with full access built in. Take the intel management engine for example, which is part of every modern intel cpu. However there are privacy oriented companies that disable these.
The real question is who has access to these things and what are their interests. It might not necessarily be a malevolent actor. It’s one of the challenges of our time to answer questions related to these topics.
Could easily replace some people and significantly improve things.