A security researcher has found a second vulnerability in Samsung Pay. Salvatore Mendoza demonstrated the first vulnerability at Black Hat in August. He was able to eavesdrop on a payment transaction, generate a token, and use that new token to make an unauthorized purchase. The new vulnerability uses the NFC communication standard, which is supposed to be more secure. Samsung hasn’t responded to our requests for comment; it also hasn’t yet issued a response to the researcher’s findings. Previously, the company admitted that it was possible to capture tokens at the point of sale.”]
Source: https://www.csoonline.com/article/3132360/researcher-unveils-second-samsung-pay-vulnerability.html