Samsung Pay Tokenized Numbers, Flaws and Issues
Offered By: WEareTROOPERS via YouTube
Course Description
Overview
Explore the security vulnerabilities and potential flaws in Samsung Pay's tokenization system in this 40-minute conference talk from TROOPERS17. Delve into offline mode, token expiration dates, and random critical numbers. Examine social engineering risks and witness security demonstrations. Investigate international usage, real-time attacks, and the interplay between MST and NFC technologies. Learn about the secure element, NFC tags, and potential exploits. Analyze the terms of service and discover key takeaways for implementing safer mobile payment systems. Gain insights into the proper handling and usage of tokens in mobile payment platforms.
Syllabus
Intro
Welcome
Who am I
Terminology
Why Samsung Pay
Offline Mode
Tokenization
Token Expiration Date
Random Critical Number
Social Engineering
Security Demonstration
International Use
RealTime Attack
MST
NFC
Secure Element
NFC Tags
Example
Getting it talking
Terms of Service
Samson Play
SAMSON
Some takeaways
Questions
Safe implementation
Sending tokens
Using tokens
Taught by
WEareTROOPERS
Related Courses
Modmob Tools - Home Made Tools to Test Mobile Devices and Monitor NetworksWEareTROOPERS via YouTube Microsoft IT - Secure Journey to IPv6-Only
WEareTROOPERS via YouTube Introducing Faction - A Modern, Powerful, Multiplayer C2 Framework
WEareTROOPERS via YouTube A Diet of Poisoned Fruit - Designing Implants and OT Payloads for ICS Embedded Devices
WEareTROOPERS via YouTube Hardware Side Channel Attacks on the Cheapest
WEareTROOPERS via YouTube