Chinese Researchers Uncover Vulnerability in Mobile Payments

Chinese Researchers Uncover Vulnerability in Mobile Payments

October 2, 2017         Written By John H. Oldshue

Mobile payments are often touted as more secure than traditional credit card payments, since a dynamic code is used to process the transaction instead of your payment card details. However, researchers from Hong Kong have found there are vulnerabilities with these types of transactions.

The two-year study, conducted by researchers at the System Security Lab at Chinese University, examined four types of data exchange, including near-field communication (NFC), QR code scans, magnetic secure transmission (MST) and audio signals.

NFC transactions, such as those used by Apple Pay and Android Pay were safe, as these types of payments provide two-way communication between the terminal and the device. Thus, if the token has been stolen, the user will get a notification on their device immediately that the payment failed, which will allow them to take action.

The other three forms of  mobile payments were vulnerable to hacking. The team found criminals can steal the token involved in MST and audio signal transactions by tampering with the transmission process. Hackers can also gain access to a phone’s camera to record an image of the QR code. Once the token or code is stolen, hackers can use this information to purchase goods.

The team reported the vulnerabilities to China’s lead payment processor Alipay and Samsung, which have reportedly taken action.

The lead researcher, Professor Zhang Kehuan, warns consumers that no type of payment is absolutely secure, so shoppers should remain vigilant.

“As researchers we only identify loopholes and plug them, but we can never guarantee [that more won’t] show up in the future,” Zhang told South China Morning Post.

Zhang warned smartphone users against “jailbreaking” or “rooting” their mobile devices and to avoid using apps from suspicious sources.

The information contained within this article was accurate as of October 2, 2017. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About John H. Oldshue

John Oldshue is the creator of He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for
View all posts by John H. Oldshue
Featured Low Interest Card
Top Features : 1.25X miles on every purchase; no annual fee; bonus of 20,000 miles once $1,000 is spent in first 3 months
Featured Cash Back Card
Top Features : No Annual Fee, Bonus Offer, Cash Back
Featured No Annual Fee Card
Top Features : Earn cash back twice. 1% when you buy plus 1% as you pay; 0% APR for 18 months on balance transfers
Featured Bad Credit Card
Top Features : No Annual Fee; Cash Back match at the end of your first year; Social Security Alerts
Featured Fair Credit Card
Top Features : No annual fee; access to higher credit line after making first 5 monthly payments on time
Featured Limited/No Credit
Top Features : No annual fee; reports to major credit bureaus; access to higher credit line after making first 5 monthly payments on time