The problem of coalition-resistance is easily solved when using
tamper-resistant devices. In fact, it is impossible for two
members to create a new card because they cannot access to
protected data. In particular, they have no knowledge about the
group-shared secret key (only their cards have). Moreover,
producing a signature without knowing the private key violates the
security assumption of the underlying signature scheme.