HAPPY 2026! – SamMobile. Awesome deals Galaxy Z Fold7, Watch8, S25 Ultra and S95F OLED TV
Login or Join

Search

    BEST PICKS BY OUR SAMSUNG EXPERTS
    HOT RIGHT NOW
    galaxy s25 ultra – samsung apps
    Order the King of Android!
    Latest reviews
    samsung galaxy ai
    Feel the power of Galaxy AI in the palm of your hands!
    BEST PICKS BY OUR SAMSUNG EXPERTS
    HOT RIGHT NOW
    TV
    samsung qd-display explained
    Mihai Matei Explaining Samsung's QD-Display technology
    Trending
    samsung-one-ui-8.5
    Everything about the latest version of One UI
    Trending
    Samsung Galaxy AI vs. Apple Intelligence
    20250304_090612
    Your all-in-one post!
    BEST PICKS BY OUR SAMSUNG EXPERTS
    hot right now
    vacuum cleaners
    samsung-digital-appliances-bespoke-ai-jet-ultra-worlds-most-powerful-cordless-stick-vacuum-cleaner_main1
    Bespoke AI Jet Ultra

    Last updated: August 8th, 2016 at 01:47 UTC+02:00

    SamMobile has affiliate and sponsored partnerships, we may earn a commission.

    Samsung Pay vulnerability enables hackers to steal credit cards wirelessly

    Adnan Farooqui

    Reading time: 2 minutes

    samsung pay (6)
    Pay
    A vulnerability has been discovered in Samsung Pay which can be exploited by a hacker to wirelessly steal credit cards. The way Samsung Pay secures transactions involves translating credit card data into tokens so that card numbers can't be stolen from the device. However, security researcher Salvador Mendoza discovered that those tokens aren't as secure as one might believe them to be. He presented more details about this vulnerability at a Black Hat talk in Las Vegas earlier this week.

    He discovered that the tokenization process is limited and that the sequencing of the tokens can be predicted. He explains that the tokenization process becomes weaker after the Samsung Pay app generates the first token for a specific card which means there is a greater chance that future tokens could be predicted. A hacker who knows how to do this can steal the tickets and use them in another device to make unauthorized transactions. Mendoza said that he proved his theory by sending a token to one of his friends in Mexico who was able to use it with magnetic spoofing hardware to make a purchase using Samsung Pay despite the fact that Samsung's mobile payment service has not been launched in Mexico yet.

    Mendoza explains more about his discovery in the video that's posted down below. Samsung hasn't confirmed yet if it has taken care of this vulnerability but did say that “If at any time there is a potential vulnerability, we will act promptly to investigate and resolve the issue.” It also wants to remind all users that “Samsung Pay is built with the most advanced security features, assuring all payment credentials are encrypted and kept safe, coupled with the Samsung Knox security platform.”

    Google Preferred News Source
    Adnan Farooqui - Author Image

    Adnan Farooqui - Executive Editor

    [email protected]

    First Samsung device: SGH-E900

    Adnan Farooqui is a long-term writer at SamMobile. Based in Pakistan, his interests include technology, finance, Swiss watches and Formula 1. His tendency to write long posts betrays his inclination to being a man of few words.

    Via Pay
    Advertisement