Black Hat 2016: 10 Security Threats To Watch


Email this CRN article

http://www.crn.com/ckfinder/userfiles/images/crn/slideshows/2016/galaxy-s7-vs-iphone-6s/samsung-pay.jpg

Samsung Pay

As mobile payment systems work to gain traction with users, security is a key feature they need to get user buy-in. Samsung Pay, in particular, has touted its security features as a differentiator, but a presentation at Black Hat this week said the system isn't immune to security flaws. Salvador Mendoza presented findings around the app's use of tokens, where Samsung does not have full control over their use, particularly in airplane mode, and also cannot guarantee a token generated by Samsung Pay will always be used by the same device due to its random token numbers and Magnetic Secure Transmission technology. These flaws could make it easier for attackers to steal and use tokens, as well as possibly guess the tokenized number, the presentation said.




Email this CRN article