how secure is samsung pay

One of the safest and most widespread methods used by Samsung is Tokenization. This is a method of replacing your sensitive card information (card number, expiration date, security code, etc.) with a device-specific ‘token’ which acts as a surrogate. In mobile payments, tokens are used to protect your payment information and to reduce the security risks that come with using plastic cards.

In addition, Samsung Knox constantly monitors and protects your phone from malware and other threats. Samsung Knox also includes a security design whereby highly sensitive operations and information, such as fingerprint and payment information, are kept on a separate computer area known as a “secure environment”. Normal applications or malware have no access to the information inside.

When you add your payment card to Samsung Pay, the information is encrypted and sent to Samsung servers and, ultimately, to the card issuer's payment network (Visa, MasterCard, or American Express) for approval. A one-time password (OTP) may be requested by the card issuer to verify you are the cardholder. 

This process takes place every time you add a payment card. A new token will be generated even if you are attempting to add a card that was recently removed.

When you make a payment, you will need to authenticate your identity by using your fingerprint or Samsung Pay PIN before the information can be sent to the payment terminal. The merchant will only receive a token, and your payment information will be kept secure. The token will be sent to the payment network, where it will be decrypted and verified against the information stored in a secure internal network. Once authenticated, the payment will be approved and sent back to the merchant. Only the payment network and your bank will have information about the transaction.