Samsung immediately released a statement after a New York Times article revealed that Chinese hackers were able to infiltrate LoopPay, a subsidiary of the Korean OEM, as early as March. There were fears that because of this incident, the recently launched mobile payment gateway, Samsung Pay, may have been affected and customer data compromised. But Samsung assured its users that they were not in any way impacted by the breach and that this was an isolated incident that didn’t affect them at all.
The LoopPay office network was the primary target of the hackers, and they are operating on a physically separate network from that of Samsung Pay. The affected aspects of LoopPay was the network that handled their email, file servers and printing. There wasn’t any point during that incident or until now that the personal information of Samsung Pay users were at risk, as per the statement. Samsung goes on to further explain that LoopPay acted quickly to fix the breach, hiring the necessary security teams to identify and quarantine the affected aspects.
Samsung Pay actually uses a digital token instead of a card number for every transaction you make. This means that there is a different code that cannot be repeated or replicated after your purchase/transaction. Merchants and retailers won’t be able to see the actual data, including the encrypted token and the certificate information, which can only be used once.
It’s a good thing that Samsung got ahead of the story or at least quickly reacted to it, as the success of Samsung Pay hinges on whether or not customers feel secure in using this mobile payment gateway. They believe that they are “off to an amazing start” but it’s still too early to tell if the numbers will reflect that, especially given the competition with Android Pay and Apple Pay.
SOURCE: Samsung
