• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Our Services
  • Contact Us
  • Newsletter
  • Top Nav Social Icons

Mobile ID World

Mobile ID World

Identification Revolution

  • Mobile ID
    • What Is Mobile ID?
    • Identity Associations
    • Premier Partners
    • FAQ
  • News
  • Solutions
    • Behavioral
    • Facial Recognition
    • Fingerprint Biometrics
    • Iris Biometrics
    • Second Factor
    • Smart Cards
    • Smartphones
    • Vital
    • Voice
    • Wearable Tech
    • Other
  • Applications
    • Access Control
    • Cloud Technology
    • Commerce
    • Enterprise
    • Healthcare
    • Identification
    • Internet of Things
    • Law Enforcement
    • Strong Online Authentication
  • Exclusive
    • Interviews
    • Featured Articles
    • Podcasts
  • Companies
  • Events

Samsung Denies Researcher’s Claim Samsung Pay Can Be Hacked

August 8, 2016

A security researcher says it isn’t too hard to defraud Samsung Pay users.

Samsung Denies Researcher's Claim Samsung Pay Can Be HackedSpeaking at a recent Black Hat security conference, Salvador Mendoza said that the encryption used to mask the payment data in Samsung Pay transactions can actually be predicted if you monitor the token output over a certain period. And Mendoza had developed a device that can track those security tokens wirelessly as they are sent out via Samsung’s magnetic secure transmission (MST) technology, which is the technology that allows Samsung Pay to emulate traditional swipe-based payment cards. In other words, a fraudster can secretly monitor transaction data, and then use it to make new security tokens for fraudulent transactions.

Samsung has already responded to Mendoza’s claims with a statement asserting that its system is, in fact, secure. In a statement, the company outlined the encryption process, noting that “Multiple layers of security from Samsung Pay and our partners are in place to detect threats to security.” While the response is somewhat vague with respect to the specific system used by Mendoza, it’s also worth noting that there haven’t yet been any reports of fraudsters actually hacking Samsung Pay accounts the way Mendoza described.

This isn’t the first time Samsung has had to deal with a security issue related to MST. Ahead of the launch of Samsung Pay, LoopPay, the company that provided its MST technology, suffered a security breach against its corporate network. When the fiasco came to light, Samsung launched its own investigation, at the same time insisting that user data was safe while proceeding with the US launch of Samsung Pay. There have not been any reports of compromised user accounts stemming from the incident.

Source: AndroidHeadlines

Related News & Articles

Germany’s Information Security Office Achieves FIDO’s First Level 3+ Authenticator Certification

Thales Introduces Double-Sided Document Reader

Google Wants to Let iOS Users Lock Incognito Tabs Behind Biometrics

Primary Sidebar

Learn About Mobile ID and Aviation

Tweets

Sponsored Links

facetec logo

FaceTec’s patented, industry-leading 3D Face Authentication software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ make trusted, remote identity verification finally possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for Liveness and 3D Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

FACEPHI is a global leader in Facial Recognition technology and in Mobile Biometrics technologies. With a strong concentration in the financial sector, FacePhi’s product is rapidly becoming a service used by banks all over the world. Its implementation doesn’t just save money, it is also a way to attract clients and build loyalty, while increasing the security of transactions for both the customer and the business. To learn more about FacePhi, visit https://www.facephi.com/en/

Recent Posts

  • Nordic-Baltic Ministers to Push for Cross-Border Digital ID Interoperability
  • 1Password Rolls Out Passkey Support for iOS Users
  • Somalian Government Launches Digital ID System
  • Philippines Authorities Aim to Roll Out Mobile IDs By Year’s End
  • Ethiopian Authorities Enroll Students in Biometric Digital ID Program

Footer

  • About Us
  • Company Directory
  • Advertise With Us
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • Archives
  • CCPA: Do not sell my personal info.

Follow Us

Copyright © 2023 MobileIDWorld