Many card-and-PIN personnel entry systems use both a PIN and a “Duress PIN.” The duress PIN is usually some simple permutation of your chosen PIN (“add three” or “subtract one” for example) so that you can type it in as quickly as you would your normal PIN. A PIN of 1234 would then become 1237 or 1233, and unless you’ve chosen a PIN with personal significance (birthday, address, etc.), or one that spells a word on the keypad, you can even tell the person using your card what your duress PIN is off the top of your head.
With personnel entry systems, the duress PIN permits entry while alerting the guards of the building (and/or local police, or appropriate level of force for facility being protected). The idea is, as you suggested, to allow the criminal to gain access without raising his suspicions (and endangering the compromised person).
The system I have in mind only allowed one person through for each PIN entered before sounding an alarm. This means that the hostage would have to be left outside of the secure area if the hostage-taker wanted access. This frees the hostage and leaves the hostage-taker without a human shield.
Security could then lock down all entry or exit into the region with the criminal, isolating him with the minimal amount of compromised data/people/systems. Then they come in with guns and big sticks and body armor.
For what it’s worth, I’ve never seen this in a bank or ATM, but I can imagine that it would be useful in a well-monitored facility. Your biggest problem implementing it in a public space is fraud: a person could use their duress PIN at an ATM, and show up with a ski-masked accomplice, then help him/her get away and file a completely bogus anti-helpful report with the cops.