Samsung Pay has acquired a huge popularity and is giving a tough fight to Apple Pay. But this news can give you a sleepless night.
Samsung Pay is not safe and it has been found in a security study. The chinks in the security can be exploited by an attacker. A hacker can allow another person to fraudulently make payments without making a contact. The magnetic-based payment system has been a common feature in Samsung phones. The process has been devised in a way that makes it difficult to grab credit card numbers from phone.
However, the system is not secure and fool-proof as claimed by Samsung. Salvador Mendoza, a developer, has found out that the existing token system designed to protect security has its own limitations. The sequencing of tokens can be predicted. The process of generating token sequence actually becomes weaker after first token is generated.
These tokens can also be stolen and used for another fraudulent transaction without any problem. Mendoza, as a proof, has sent a token to his friend in Mexico to spoof a transaction—even when Mexico does not have Samsung Pay.
But can the token be stolen easily? Yes it can be. He built a contraption to forearm and stole a magnetic secure transaction and sent the token on email to another phone and from there you can compile it in other phone.
If this is true Samsung Pay should fix the problem as soon as possible if it really want to rival the extremely safe counterpart Apple Pay.
