Samsung assures Samsung Pay is secure

In the recent Black Hat conference, Samsung Pay was targeted as easy to hack. Shown were evidence of what might be the service vulnerabilities and how it might be exploited by hackers. Salvador Mendoza, the security researcher reveals that Samsung Pay’s tokens for every transactions can be blocked and used by hackers for social engineering purposes.

1. The token contains unique, one-time card credentials. It’s a surrogate for real card data.
2. A transaction counter that makes sure the token only gets used once and not for multiple purchases.
3. A cryptogram as a verification key to indicate that all the payment data has not been tampered with.

Tokens are unique for one-time use for every transactions and for hackers to be able to intercept and use those tokens, they’d had to be at close proximity with the user and get the tokens before the transaction is finished.

Samsung fires back in a blog post with some facts to get the information straight. This assures the consumers and partners that their service is fool-proof.

“Recent reports implying that Samsung Pay is flawed are simply not true. Samsung Pay uses a multi-layer security system that works in tandem with the security systems of our partners to detect any emerging threats. Samsung Pay is safe, secure and consumers can be assured that there is no known risk associated to using our payment service.”