Samsung both denies and admits mobile payment vulnerability

Security researcher Salvador Mendoza demonstrated a flaw in Samsung Pay at Black Hat last week, in which the tokens used to secure transactions could be predicted, and used to authorize fraudulent payments.

Samsung responded with a statement calling the report “simply not true.”

“Samsung Pay is safe, secure and consumers can be assured that there is no known risk associated to using our payment service,” the company said.

But then, in a separate, more detailed document, Samsung admitted that it is possible to capture a token, but said that it was extremely difficult to do so.

To read this article in full or to leave a comment, please click here