Chinese Hackers Target Samsung Mobile Pay Technology

A group of Chinese hackers had breached LoopPay, a subsidiary of Samsung and now the technology gearing Samsung’s new mobile payment system, earlier this year. Samsung insists that its payment system remains unaffected.  

A New York Times report has revealed that a group of hackers known as the Codoso Group or the Sunshock Group by those keeping tabs on them – had breached LoopPay’s computer network as early as in March, this year. LoopPay was originally acquired by Samsung in February this year for over $250 million.

Massachusetts-based startup LoopPay was acquired by Samsung in February to deliver the tech required for the hardware giant’s Samsung Pay mobile payments system. Similar to Apple Pay and Google Wallet, Samsung Pay is meant to bring mobile NFC (Near field communications) technology to its popular roster of phones used all around the world.

LoopPay, however, has a significant advantage in the way it works by using magnetic secure transmission (MST) that works with old payment systems without the need for new infrastructure.

It is believed that the hackers were after the company’s unique technology.

LoopPay only became aware of the breach in late August when an independent organization came across the company’s data while looking into a separate investigation.

In conducting their own investigation since the revelation, Samsung and LoopPay executives are adamant that no customer payment information nor personal devices were infected. Furthermore, they claim all infected machines have been discarded.

In a statement, Darlene Cedres, Samsung’s chief privacy officer told the NYT:

“We’re confident that Samsung Pay is safe and secure. Each transaction uses a digital token to replace a card number.

“The encrypted token combined with certificate information can only be used once to make a payment. Merchants and retailers can’t see or store the actual card data.”

Samsung Pay was launched on September 28 in the U.S. and can now be used by the company’s flagship phones such as the Galaxy S6 and the Note 5 to make payments at retail outlets.

Since the news of the breach, Samsung once again appeased concerns by claiming that the hackers, while having accessed LoopPay undetected for five months, accessed email, file servers and printing from the company’s corporate network.

“Samsung Pay was not impacted and at no point was any personal payment information at risk. This was an isolated incident that targeted the LoopPay office network, which is a physically separate network from Samsung Pay.”