Samsung Pay Launched as Investigators Secretly Looked Into LoopPay Hack

Samsung Pay Launched as Investigators Secretly Looked Into LoopPay HackSamsung is insisting that its LoopPay technology is safe and secure in the wake of revelations that its namesake developer faced an IT breach from a China-based hacker group. LoopPay’s technology provides the basis for the Samsung Pay mPayment system.

This past spring, Massachusetts-based LoopPay’s corporate network was hacked by the Codoso Group (also known as the Sunshock Group). The attack likely occurred after Samsung had acquired the company in February, and went unnoticed until late August. When it did come to Samsung’s attention, executives were evidently quick to dismiss concerns about breaches against payment data, forging ahead with Samsung Pay’s September 28th US launch date. (The service’s South Korean launch was already underway, and Samsung Pay went on to achieve great success over the next month.)

According to LoopPay head and Samsung Pay co-GM Will Graylin, the breach does not appear to have affected databases containing actual payment data  suggesting that the mPayment system remains safe for users. But as the New York Times points out, the Codoso Group is known for lingering unnoticed for long periods in hacked networks and devising backdoor access routes. Moreover, neither of the forensic teams Samsung invited to investigate the breach have yet concluded their work.

Whether any of this is of concern to potential customers remains unclear, but at the very least it underlines the new dangers associated with these emerging digital payment systems.

Source: New York Times