Notebookcheck Logo

Samsung Pay has a serious vulnerability

Samsung Pay vulnerability allows hackers to wirelessly skim credit cards
Samsung Pay
This security issue affects any credit card, debit card or prepaid card that works with Samsung Pay, but the gift cards are safe from wireless skimming.

As Samsung Pay continues to grow, it keeps receiving increased attention from security researchers and hackers as well. Unfortunately, now a security researcher has just unveiled some security problems that can be used by an attacker to make fraudulent payments because translating credit card data into tokens is not as safe as should be.

According to ZDNet, "Salvador Mendoza found that the tokenization process is limited and the sequencing of the tokens can be predicted." He explained that the whole process gets weaker after the first token from a card is generated, so future tokens are easier to predict. To make everything even worse, he also revealed that a stolen token can be used with magnetic spoofing hardware for various purchases even in countries where Samsung Pay is not available yet.

Mendoza mentioned that this vulnerability affects all Samsung Pay-compatible cards, except gift cards. For now, Samsung did not mention anything about a patch for this problem. A spokesperson for the company said "If at any time there is a potential vulnerability, we will act promptly to investigate and resolve the issue," so the tokenization problem might go away soon. We will get back to it as soon as that happens, so stay tuned.


static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
Codrut Nistor, 2016-08- 8 (Update: 2016-08- 8)