It turns out that Chinese hacker group had invaded LoopPay which provides technology to mobile payment service "Samsung Pay"

ByAaron Yoo

Samsung's mobile payment service "Samsung Pay"It finally started service in the USA on September 28, 2015. Samsung Pay uses the technology of startup "LoopPay" which Samsung bought in February 2015 with about 250 million dollars (about 30.8 billion yen), but the Chinese hacker group got to the network of LoopPay It turned out to be intruding, it became a big problem early on launch.

Chinese Hackers Breached Loop Pay, Whose Tech Is Central to Samsung Pay - The New York Times
http://www.nytimes.com/2015/10/08/technology/chinese-hackers-breached-looppay-a-contributor-to-samsung-pay.html

Samsung Pay LoopPay hack revealed, consequences unclear | BGR
http://bgr.com/2015/10/07/samsung-pay-looppay-hack/

Samsung Pay is a mobile payment service similar to Apple's "Apple Pay" and Google's "Android Pay", but other services use communication technologyNFC(Near Field Communication), Samsung Pay can also be used on terminals that do not have NFC. It is possible to do it by LoopPay's "MST" technology, simply by holding the smartphone over the conventional credit card payment terminal, you can pay the money with the credit card registered on the smartphone.


By adopting MST that can change credit card payment terminal to non-contact payment terminal, retailers do not need to newly introduce settlement terminal for mobile payment, and in Korea where service started a step before the US, There was settlement equivalent to 30 million dollars (about 3.6 billion yen) after the launch on August 20 th. Samsung Pay which made the start dash in Korea successful was focused on whether it can compete with Apple Pay and Android Pay in the United States.

However, it turned out that LoopPay, which provides payment technology to Samsung Pay in about two weeks after launching in the US, was under attack from Chinese hacker group. It was the Chinese hacker group called Codoso Group and Sunshock Group that invaded LoopPay's network, according to LoopPay the hacker group's aim was MST. It is in August 2015 that attacks have been discovered and it is known that the first attacks were around March of the same year.

ByChristophe Verdier

Since Samsung Pay has already launched services in the US and Korea, we are concerned about the leakage of customer's personal information and credit card information, but Darlene Cedres, Samsung's Chief Privacy Officer, is in charge of The New York According to Times, it is the corporate system of LoopPay which is different from Samsung Pay that was invaded, and there seems to be no influence on Samsung Pay at all.

Both companies said "It eliminates equipment affected by hacking, so there is no problem," Samsung Pay's user information and credit card information do not seem to leak out, but security researchers who have been investigating the Codoso Group for many years "It is premature to judge that there is no hacking effect." According to security researchers, Codoso Group frequently uses "a backdoor on the target system and repeated invasion from the backdoor for a long period of time", and if it is the same way this time, it is five months from the intrusion It is too early to judge that there was nothing in a month's survey even though I had neglected for a while.


Also, although it usually takes about 48 days to recover perfectly from hacking, Samsung Pay started the service in the US about 40 days after hacking detection, and it is not completely solved It may have launched. LoopPay says, "Personal information and credit card information are not stolen, so we will not let the legal institution deal with this one case."