The biometric passport spec has support for what it calls active authentication-- this is your fairly standard challenge/response-type thing using a private key contained in the chip that can't be read or copied.
The caveat is that it's optional-- not all passports support it, and thus there are possible (depending on the reader software) downgrade attacks where a passport with active authentication could be cloned anyways if you can convince the reader not to perform the authentication step. And there are bad hardware implementations out there that don't adequately protect the private key material (leaving them susceptible to cloning anyways).
The caveat is that it's optional-- not all passports support it, and thus there are possible (depending on the reader software) downgrade attacks where a passport with active authentication could be cloned anyways if you can convince the reader not to perform the authentication step. And there are bad hardware implementations out there that don't adequately protect the private key material (leaving them susceptible to cloning anyways).