Samsung Pay vulnerability enables hackers to steal credit cards wirelessly

A vulnerability has been discovered in Samsung Pay which can be exploited by a hacker to wirelessly steal credit cards. The way Samsung Pay secures transactions involves translating credit card data into tokens so that card numbers can’t be stolen from the device. However, security researcher Salvador Mendoza discovered that those tokens aren’t as secure as one might believe them to be. He presented more details about this vulnerability at a Black Hat talk in Las Vegas earlier this week.

He discovered that the tokenization process is limited and that the sequence of tokens can be predicted. He explains that tokenization becomes weaker after the Samsung Pay app generates the first token for a specific card, which means there is a greater chance that future tokens can be predicted. A hacker who knows how to do this can steal the tokens and use them on another device to make unauthorized transactions. Mendoza said he proved his theory by sending a token to a friend in Mexico, who was able to use it with magnetic spoofing hardware to make a purchase through Samsung Pay, even though Samsung’s mobile payment service has not been launched in Mexico yet.
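As an added illustration (not Samsung’s or Mendoza’s code, and not based on any real Samsung Pay token format), the following sketch shows the two properties the article says matter: successive tokens for one card must be unpredictable, and the server side must refuse replayed or stale tokens so that a captured token is worth as little as possible. The token size, the 24-hour lifetime and the counter-style "weak" batch used in the self-check are assumptions chosen for the example.

```python
"""Minimal tokenization service with a predictability self-check (example code).
Token format, sizes and the 24-hour lifetime are assumptions, not Samsung Pay's."""
import secrets
import time
from typing import Optional

TOKEN_LIFETIME_S = 24 * 3600   # assumed validity window for an issued token


class TokenVault:
    """Maps a card reference to unpredictable, single-use payment tokens."""

    def __init__(self) -> None:
        self._issued: dict = {}          # token -> [card_ref, issued_at, used]

    def issue(self, card_ref: str, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        # 128 bits from the OS CSPRNG: any number of earlier tokens gives
        # no information about the next one, unlike a counter-like scheme.
        token = secrets.token_hex(16)
        self._issued[token] = [card_ref, now, False]
        return token

    def redeem(self, token: str, now: Optional[float] = None) -> Optional[str]:
        """Return the card reference if the token is valid, else None."""
        now = time.time() if now is None else now
        rec = self._issued.get(token)
        if rec is None:
            return None                  # unknown or guessed token
        card_ref, issued_at, used = rec
        if used or now - issued_at > TOKEN_LIFETIME_S:
            return None                  # replayed or expired token
        rec[2] = True                    # burn it: each token is single use
        return card_ref


def sequence_is_predictable(tokens: list) -> bool:
    """Self-check a vault operator can run on its own output: flag a batch of
    hex tokens whose consecutive values differ by one constant step, the kind
    of pattern that would let future tokens be guessed from earlier ones."""
    vals = [int(t, 16) for t in tokens]
    if len(vals) < 3:
        return False                     # too few samples to judge
    steps = {b - a for a, b in zip(vals, vals[1:])}
    return len(steps) == 1


# Constructed sample: a counter-style batch that the check should reject.
WEAK_BATCH = [f"{0x1000 + i:032x}" for i in range(5)]
```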

Mendoza explains more about his discovery in the video that’s posted down below. Samsung hasn’t confirmed yet if it has taken care of this vulnerability but did say that “If at any time there is a potential vulnerability, we will act promptly to investigate and resolve the issue.” It also wants to remind all users that “Samsung Pay is built with the most advanced security features, assuring all payment credentials are encrypted and kept safe, coupled with the Samsung Knox security platform.”

7 Comments


pigstacho

This is called a “proof of concept” prototype. It’s not like you will ask your friend to open Samsung Pay and generate tokens for you, but using other vulnerabilities you can extract the previously generated tokens or even launch Samsung Pay to generate new ones, then send them to your server and use them in other places.

jpd514

So much for Apple Pay’s use of fraudulent credit cards on its system

“Reports have surfaced over the last week that fraudsters have found the soft underbelly of Apple Pay — as one would expect — and are exploiting it gleefully, with one security expert estimating the fraud rate at a stupendous $6 per $100 of transactions.”
The Los Angeles Times

Fraud:
Apple 6% per 100$
Samsung 0% per 100$

Will use Samsung Pay

o0MHJ0o

I guess this means it’s done rolling out for the year. So annoyed that Samsung hasn’t released it in the countries it promised a year ago now.

vbx

LOL yeah, the only way is to tap the phone to a hacker’s wrist. Anyone here dumb enough to allow a stranger to get that close to you while you are trying to pay?

stondec

So this vulnerability is about as valid as saying my car is vulnerable to being hacked if I give the key to a stranger.

mar11974

Poor wording on the title, I feel like I’ve been trolled. Not very “vulnerable” if the user has to allow you to do it.

mar11974

Hey, unlock your phone, unlock Samsung Pay, and initiate a payment. (Really?) Why not, hey let me see your credit card and slide it through this skimmer. Only thing predictable about the tokens is that they increase in value. Guessing a valid token (which the user had to generate to begin with, within 24 hours, that hasn’t been accepted) would be near impossible. Hack would only work with cooperation from the user. I can hack your front door if you open it for me.