A research report claims that Samsung s Knox containers store PIN data in clear text. The report comes shortly after the NSA endorsed Galaxy devices for agency use. Samsung’s Knox technology provides for separate partitions, or containers, on the Android devices in order to keep personal and business data from co-mingling. A pin.xml file stored in the ContainerApp stored on the device during setup contains the unencrypted PIN number. If an attacker has access to the phone and can retrieve the PIN, he can use a Password forgotten? field to get a password hint.
Source: https://threatpost.com/nsa-approved-samsung-knox-stores-pin-in-cleartext/109018/