Eavesdropping One-Time Tokens Over Magnetic Secure Transmission in Samsung Pay

Daeseon Choi, Kongju National University; Younho Lee, Seoul National University of Science and Technology

We have discovered a security vulnerability in the Samsung Pay app. The magnetic secure transmission in Samsung Pay emits too many magnetic signals that are excessively strong. Thus, we built a low-cost receiver to eavesdrop on the emitted magnetic signals. Using this receiver, we successfully eavesdropped on the one-time token for a payment made on the Samsung Pay app at around 0.6 m to 2.0 m from where the payment was taking place, depending on the orientation of the magnetic-field-emitting antenna in the victim device. We verified that the collected one-time token could be used away from the victim device if the collected payment information was quickly transmitted over the Internet.

BibTeX
@inproceedings {198405,
author = {Daeseon Choi and Younho Lee},
title = {Eavesdropping {One-Time} Tokens Over Magnetic Secure Transmission in Samsung Pay},
booktitle = {10th USENIX Workshop on Offensive Technologies (WOOT 16)},
year = {2016},
address = {Austin, TX},
url = {https://www.usenix.org/conference/woot16/workshop-program/presentation/choi},
publisher = {USENIX Association},
month = aug
}