Samsung Pay launches - but is paying by phone safe?

Sarah Coles

Samsung Pay is rolling out in the UK, so if you have a Samsung phone - and your bank is supported by the system - you can download the app and start paying by mobile. It enables Samsung users to join Apple Pay fans, and pay simply with their phone rather than fumbling for their wallet, digging out their card or fishing around for coins. It makes life easier for us, but will it make life too easy for crooks?

See also: Identity fraud hits record levels - how can you protect yourself?

See also: Would you go cash-free? One in five Britons keen to ditch notes and coins

See also: A cashless society is getting closer

It's easy to see why people are worried: when payment becomes a simple matter of waving your phone around, it feels like there's a very real risk of a criminal getting themselves in the right place at the right time in order to benefit.


The good news is that paying by mobile is actually safer than tapping your contactless card. The mobile companies are trying to change our habits - something that's notoriously hard - so they have gone the extra mile to allay our fears over security.

The first line of defence is that the mobile phones start by sending your details to your card company, but they are not actually transmitting your card number. They encrypt your card number, so that any time it is in transit, it's worthless if it's intercepted.

Last year one hacker claimed to have found a way to convert the Samsung encryption, but a spokesperson at the time said that any potential flaw would be investigated and resolved, so any potential issues were addressed before the launch.

The next level of protection is that the card company sends back a key to the 'Secure Element' of your phone. This is unique to your phone, so it automatically ties your account to your phone. It means your card processor knows which card to debit, without your details being passed over the network again or passed to the retailer themselves.

Finally, the pay-by-mobile systems have an additional level of security. When you touch your phone to the reader, you need to use your fingertip scan, a 6 digit code, or in the case of Samsung, an iris scan - which makes it even more difficult for an imposter to break.

This means that if you lose your phone, nobody can take advantage in the time it takes to delete the payment mechanism from your phone.

But what do you think? Are you ready to pay by mobile? Let us know in the comments.