Surely this is where the device payment systems such as Apple Pay / Google Pay could be of use - since the information available on them is much richer. I’m not sure if a device reader sees my debit card stored on my iPhone as any different to the debit card I physically have in my pocket, but regardless, by authenticating a railcard app with Apple Pay - I can then prove validity of the railcard with photo card with that specific debit card, and it seems less likely that this would be a cause of fraud.
Presumably the reticence on this topic is that TfL and the RDG know most journeys are not intercepted by Revenue Protection, and therefore adding a scheme whereby discount is easily applied to a number of contactless cards without authentication is likely to lead to revenue risk.
It also begs the question of why it isn’t possible to store additional micro keys on a standard contactless chip, so for example season ticket information, or indeed discount information could not be stored alongside the card number etc - which would be ignored by standard systems but recognised by specialist ones.