Technology is changing the way we think about crime. There are many forms of cybercrime that are steadily on the rise. Malware, ransomware and ATM skimming are just a few of the attacks that we need to worry about.
Last year the FICO Card Alert Service recorded the highest number of ATM compromises ever in the U.S. Read our article on credit card skimming crimes to see ways to stop it. Cybercriminals are now focusing their attacks on mobile payment services.
A flaw has been discovered in Samsung Pay that hackers are able to exploit. Samsung Pay is a mobile payment service that can turn your phone into your wallet. You add your credit, debit, gift, membership and loyalty cards to your phone so you don't have to swipe them when making a purchase. Here is a video demonstration of how it works:
Credit card data is translated into tokens when using a magnetic-based contactless payment system. The idea is to keep hackers from being able to steal credit card numbers from your gadget. It's in the tokenization process that the flaw has been discovered.
Researcher Salvador Mendoza says that token sequencing can be predicted. This means once a token is created from a specific card, hackers have a better chance of predicting future tokens.
That would allow the predicted tokens to be stolen and fraudulent purchases could be made with a different gadget. This opens up a new world of card skimming and comes with no restrictions.
Mendoza tested his theory by building a device that can steal magnetic secure transmissions wirelessly from someone else's phone. He was then able to send the stolen tokens to himself by email and compile them into a different phone. Once he loaded them into a magnetic strip spoofer, the tokens were ready to use.
Samsung says they have the most advanced security to keep transactions safe and they will address any issues that may arise. Check out their video on Samsung Pay security to see their process.
To better protect yourself from attacks, we recommend having a security software solution that will shield you from digital dangers that are increasingly everywhere.