Samsung Pay – the vulnerability that allows money to be stolen

Samsung Pay is a mobile payment system developed by Samsung in response to Apple Pay, which Apple launched almost a year before the Korean platform. Unfortunately, the rush to bring this system to market came with a major security problem that can leave users without money.

More specifically, Samsung Pay has a vulnerability in its transaction tokenization system that allows hackers to predict how tokens will be generated by the platform and use them in other terminals to make fraudulent transactions and steal users' money.

Samsung Pay, like Apple Pay, uses tokens to secure and anonymize transactions made using mobile terminals. Unfortunately, this system is poorly thought out, so hackers can exploit it to steal users' money without them realizing what is happening until they check their bank transactions.

Samsung Pay allows money to be stolen

Basically, Samsung Pay generates a token the first time a credit card is used to make a mobile payment. Although that token is hard to guess, the next ones generated by the system are much easier to predict, and hackers can predict them and use them to make fraudulent transactions.

Salvador Mendoza found that the tokenization process is limited and the sequencing of the tokens can be predicted. ... he explained that the tokenization process gets weaker after the app generates the first token from a specific card, meaning that there's a greater chance that future tokens could be predicted. Those tokens can be stolen and used in other hardware to make fraudulent transactions — effectively a new form of card skimming — without restrictions.

To carry out the hack, the security researcher who discovered and demonstrated the vulnerability built a gadget capable of stealing payment tokens at the moment they are generated; the procedure itself is not as complicated as it seems at first sight.

Mendoza built a contraption that straps to his forearm and wirelessly steals magnetic secure transmission (known as an MST) when he picks up someone's phone, which can then email the token to his inbox, so he can compile it into another phone. Or, you can hide that hardware to a legitimate card-reading machine like you would with a traditional card skimmer.

Unfortunately for users, the problem can only be solved by Samsung through an update to Samsung Pay, and if a token has been stolen by a hacker, only deleting the card from the Samsung Pay system can solve the problem.

9 COMMENTS

  1. A big problem for those who use this type of payment. To be honest, I don't trust Apple either, and that's why I don't use Apple Pay. Exactly as VP says, they are not gods either and they made a mistake in their turn; an example would be the security breach through which the jailbreak is installed, and then they started stealing money from the users... you know how it is... it is not the source that matters, as long as it is clear that the system is not perfect. And whenever a jailbreak can be installed, it will only be an example that the system is not perfect.

  2. The idea is different, even with jailbreak this does not happen at Apple. If a hacker jailbreaks you, he cannot steal your money through tokens or exploiting Apple Pay.
    This is exactly the situation with fingerprints, the data is secured in that enclave in the AXX chip, and no one has broken them yet.

  3. https://www.idevice.ro/2016/07/31/conturi-facebook-paypal-sau-bancare-compromise-dupa-ios-9-3-3-jailbreak/

    The method of stealing doesn't even matter; think that the jailbreak developer could activate a payment of 1 euro every 3 months and you wouldn't even notice how many people they want to be "free"... I can't even imagine how much money they could collect without anyone finding out anything. So, I'm really happy every time a jailbreak appears to show me how (im)perfect the system is, and it makes me more cautious.