Presentation is loading. Please wait.

Presentation is loading. Please wait.

Samsung Pay RAO Lu KONG Shuyi

Published byBrice McLaughlin Modified over 7 years ago

Similar presentations

Presentation on theme: "Samsung Pay RAO Lu KONG Shuyi"— Presentation transcript:

1 Samsung Pay 1155089782 RAO Lu 1155081944 KONG Shuyi
ZHANG Hui

2 Outline Function of Samsung Pay Details of Security in Samsung Pay
Tokenization KNOX

3 Function of Samsung Pay
Credit & gift cards QR & Bar code (Alipay) Transportation cards

4 Function of Samsung Pay
1. Credit & gift cards Support both Near Field Communication (NFC) and Magnetic Secure Transaction (MST), which means that Samsung Pay can also work on all traditional POS terminals, include terminals those do not support NFC. NFC: a set of communication protocols that enable two electronic devices to communication by bringing them within 4 cm of each other. (require POS support NFC) MST: incorporates an electromagnetic transmission system, which means that Samsung Pay can also work on payment terminals that only support magnetic stripe cards.

5 Function of Samsung Pay
1. Credit & gift cards or 1. Choose card: Slide the screen from the button up to launch the payment function, then choose the card you want to use. 2. Validate: fingerprint on the home key or input password of your phone. 3. Payment: put your phone beside the POS terminal and wait for payment complete.

6 Function of Samsung Pay
2. QR & Bar code (Alipay) Samsung pay can also bound with Alipay and generate an QR & Bar code card. Follow the previous payment steps to finish payment using Alipay.

7 Function of Samsung Pay
3. Transportation card After adding the transportation card into Samsung pay, people can use Samsung phone as a transportation card, even the phone is power off. At present, this function is available in Beijing and Shanghai.

8 Security in Samsung Pay
Overview of Samsung Pay Secured Communication End-to-end 3DES encryption plus Tokenization TrustZone: KNOX Framework Reference:

9 Security in Samsung Pay
Terminology PAN: Primary Account Number(16-digit) Token: An authorized voucher to interchange for goods or services. A substitute value of PAN. Also called DPAN. Cryptogram: An element contains ①encrypted data derived from the token;②timestamp;③Application Transaction Counter TSP: Token Service Provider ID&V: Identity and Verification

10 Security in Samsung Pay
Samsung Preference TSP: Global payment networks Key type: Static key Security in Samsung Pay Tokenization Payment Workflow ID&V ID&V Token Requester TSP t t t ID&V t Acquirer Payment network Issuer t t

11 Security in Samsung Pay
3DES Encryption 3DES = Triple DES = Triple Data Encryption Algorithm Symmetric-key Block cipher Applies DES three times to each block Cipher Details Ciphertext = EK3(DK2(EK1(plaintext))) Plaintext = DK1(EK2(DK3(ciphertext))) Block sizes : 64 Rounds: (16×3) Key option1: K1≠ K2 ≠ K3 Key option2: K1= K3 ≠ K2 Key option3: K1= K2 = K3(DES)

12 Security in Samsung Pay
End-to-end Authentication: Fingerprint of PIN Pad Cryptogram computation: Based on the key, only after successful authentication, one cryptogram per authentication Key access: Only particular card network TA Cryptogram security: cannot be brute-forced outside of the card network TA Guarantee Every Transaction using a token is explicitly authorized by the user.

13 Security in Samsung Pay
Token + Cryptogram

14 Security in Samsung Pay
Token + Cryptogram Example 16 digits token 20 digits heart Reference: Black Hat USA 2016,Samsung pay: tokenized numbers flaws and issues,  Salvador Mendoza

15 Details of Security in Samsung Pay
KNOX KNOX is Samsung's defense-grade mobile security platform built into our devices. Simply turn on the device, and you're protected. The security platform of Samsung mobile devices since 2013, provides the total approach to mobile security, ensuring that your device is secure, out-of-the-box.

16 Details of Security in Samsung Pay
KNOX Multi-layered security SE for Android Trust Zone Secure Boot & Trusted Boot Hardware Root of Trust

17

18 Details of Security in Samsung Pay
Three layers of security: Biometric authentication KNOX Tokenization

19

Download ppt "Samsung Pay RAO Lu KONG Shuyi"

Similar presentations

HCE AND BLE UNIVERSITY TOMORROWS TRANSACTIONS LONDON, 20 TH MARCH 2014.

HCE AND BLE UNIVERSITY TOMORROWS TRANSACTIONS LONDON, 20 TH MARCH 2014.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Business Data Communications, Fourth Edition Chapter 10: Network Security.

Business Data Communications, Fourth Edition Chapter 10: Network Security.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
1 Authentication Protocols Celia Li Computer Science and Engineering York University.

1 Authentication Protocols Celia Li Computer Science and Engineering York University.
By: Piyumi Peiris 11 EDO. Swipe cards are a common type of security device used by many people. They are usually a business-card-sized plastic card with.

By: Piyumi Peiris 11 EDO. Swipe cards are a common type of security device used by many people. They are usually a business-card-sized plastic card with.
LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.
Secure Electronic Transaction (SET)

Secure Electronic Transaction (SET)
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.

Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.

Web Security : Secure Socket Layer Secure Electronic Transaction.
Invitation to Computer Science 5 th Edition Chapter 8 Information Security.

Invitation to Computer Science 5 th Edition Chapter 8 Information Security.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.

1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
1 1 Patented QR code solutions James Wu www.jrsys.com.tw We Simplify Security.

1 1 Patented QR code solutions James Wu We Simplify Security.
Online Decision Process

Online Decision Process
Mar 18, 2003Mårten Trolin1 Agenda Parts that need to be secured Card authentication Key management.

Mar 18, 2003Mårten Trolin1 Agenda Parts that need to be secured Card authentication Key management.
Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden
1 Authentication Celia Li Computer Science and Engineering York University.

1 Authentication Celia Li Computer Science and Engineering York University.
Copyright © 2016 VALENTINE OBI, MD/CEO, eTRANZACT PLC The Experience Powering Retail Payments in Digital Africa.

Copyright © 2016 VALENTINE OBI, MD/CEO, eTRANZACT PLC The Experience Powering Retail Payments in Digital Africa.

Similar presentations

Ads by Google