Notebookcheck

Samsung Pay has a serious vulnerability

Samsung Pay vulnerability allows hackers to wirelessly skim credit cards
Samsung Pay
This security issue affects any credit card, debit card or prepaid card that works with Samsung Pay, but the gift cards are safe from wireless skimming.

As Samsung Pay continues to grow, it keeps receiving increased attention from security researchers and hackers as well. Unfortunately, now a security researcher has just unveiled some security problems that can be used by an attacker to make fraudulent payments because translating credit card data into tokens is not as safe as should be.

According to ZDNet, "Salvador Mendoza found that the tokenization process is limited and the sequencing of the tokens can be predicted." He explained that the whole process gets weaker after the first token from a card is generated, so future tokens are easier to predict. To make everything even worse, he also revealed that a stolen token can be used with magnetic spoofing hardware for various purchases even in countries where Samsung Pay is not available yet.

Mendoza mentioned that this vulnerability affects all Samsung Pay-compatible cards, except gift cards. For now, Samsung did not mention anything about a patch for this problem. A spokesperson for the company said "If at any time there is a potential vulnerability, we will act promptly to investigate and resolve the issue," so the tokenization problem might go away soon. We will get back to it as soon as that happens, so stay tuned.

Source(s)

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2016 08 > Samsung Pay has a serious vulnerability
Codrut Nistor, 2016-08- 8 (Update: 2016-08- 8)
Codrut Nistor
Codrut Nistor - News Editor
Although I have been writing about new software and hardware for almost a decade, I consider myself to be old school. I always enjoy listening to music on CD or tape instead of digital files and I will not even get into the touchscreen vs physical keys debate. However, I also enjoy new technology, as I now have the chance to take a look at the future every day. I joined the Notebookcheck crew back in 2013 and I have no plans to leave the ship anytime soon.