Samsung Pay was under fire after a security researcher Salvador Mendoza presented a way to attack the payment service at the security conference Defcon. The attack works by intercepting the unique payment token that is generated with every transaction using the service. Mendoza demonstrated how tokens can be intercepted by using a wrist-mounted device. Because the tokens are for single-use only and expire 24 hours after being generated, the attack requires the user to authenticate using a fingerprint, without actually completing the mobile payment. Check out the 5-minute...
Source: http://www.gsmarena.com/samsung_pay_is_vulnerable_to_payment_token_sniffing_thats_extremely_difficult_to_pull_off-news-19854.php
