If the encryption is strong enough, you could assign a subset of predetermined keys to each card issued-- but you still need a robust server/network to verify the transaction ACID-style & invalidate the key (or part of the subset?) at the end while retaining the rollback ability until that final invalidation is verified.
Tricky business, for sure. Seems theoretically plausible, but I'm sure there are many things I haven't thought of.
I wonder if it could be used to create one-off cryptographic notes - that, when used (scanned), are somehow deleted and can never be used again.
Can't think of a way off the top of my head, but I wonder.