It is currently 15-12-2017 13:12

The researcher found gaps in the payment system Samsung Pay, but Samsung denies everything

The researcher found gaps in the payment system Samsung Pay, but Samsung denies everything

by seo_worker » 2016-08-11 12:50:19



Researcher Salvador Mendoza (Mendoza Salvador) last week spoke at the Black Hat conference, a presentation in which he spoke about the insecurity of the payment system Samsung Pay. However, Samsung claims that erroneous surveys Mendoza, and Samsung Pay's all right, although the researcher twice presented evidence to the contrary.

The report (PDF), with whom Mendoza spoke at Black Hat, centered around the Samsung Pay app generates and uses tokens for authorization and transactions. The researcher said that the attackers can predict what the next token, based on the previous token has already been generated by the app. Besides, Mendoza argues that the tokens Samsung Pay "live" for at least 24 hours, even if the user did not use them, and if the user has already generated other tokens. Such tokens, the attacker can extract and use independently.

In proof of his theory, the researcher created a miniature device that can, for example, to secure for the wrist or to hide under clothing. The device is able to intercept and extract tokens from Samsung Pay as they are generated. After the deed is done, an attacker can use a device, such MagSpoof, and use the stolen information to conduct fraudulent transactions.

All of the evidence and Mendoza source code posted on GitHub.
Code:github.com/salmg/TokenGet

Besides the two vulnerabilities associated with tokens, the researcher found that Samsung uses static passwords to encrypt application files and databases. Mendoza was able triversity passwords or to access restricted data.

Qoute:"the Databases contain important information, says researcher. — They contain data about updates of the status of the token, the user server connection and data for validation of certificates".

Although Mendoza claims that he has notified Samsung about the problems on may 12, 2016, the company now prefers to deny it. In response to the calculations of Mendoza, the company Samsung has published on its website a formal denial of his studies, and then another, and then released the full press release. In fact, the company reluctantly admitted that a similar attack is possible in theory, but in practice, an attacker would have to pick close to the victim (physically) and you will also need your original message from her phone. All of this Samsung is considered highly unlikely.

Qoute:"We would like to clarify that Samsung Pay system built using the highest degree of safety technologies and is the most common mobile payment solution available at the moment. Recent allegations that Samsung Pay contains a vulnerability that is simply not true. Samsung Pay uses multi-layered security system, which works in tandem with the security systems of our partners, and identify any emerging threats — says Samsung. — Skimming model of attacks is a known problem faced by the payment network, Samsung Pay and its partners have considered this potential risk is acceptable, given the incredibly low probability of successful implementation of the attack with the tokens".

In response to these statements by Samsung, the researcher recorded a new video that shows more details of the attack proves that it is still possible, the vulnerabilities in place, and the probability of an attack is clearly not necessary to assume so low.
seo_worker
moderators
Сообщений: 789
Депозит: 0.005 BTC

Rating: 2