User Identity Setup and Credential Verification

Fingerprint and PIN

The first time Samsung Pay is launched on a device it is automatically linked to the user’s Samsung account. Users who have not yet registered their fingerprint on the device or created a PIN and backup password are given the opportunity to do so before continuing with Samsung Pay setup and activation. See “How do I set up Samsung Pay?” for complete instructions and a walk-through of the process.

When the necessary fingerprint, PIN, and backup password credentials are in place, they are associated with an immutable random value which thereafter furnishes the context for valid user authentication. Cryptographic keys are associated with this single, immutable context before being encrypted and stored on the device. Hence, when a cryptogram is used for payment, user authorization must be provided and the context of that user authentication must be identical to the context associated with the cryptogram being used, thereby establishing the genuine identity of the cardholder.

In both cases—initial identity verification and transaction authentication—user input is transferred directly from the device hardware to the Secure World, bypassing the native Android OS entirely to ensure that even a fully compromised Android OS cannot emulate or simulate the user’s authentication credentials.

Baked into the hardware, these Samsung Pay safeguards ultimately ensure that any cryptogram used for payment is authenticated with the credential set up when the cryptogram key was originally received upon successful cardholder ID&V, thereby preventing an attack on a compromised device from gaining access to the existing payment credentials on that device. This matters especially when a device has been stolen.
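As an added illustration (example code, not Samsung's implementation or part of the whitepaper), the following Python models the binding described above: a payment key is wrapped under a key derived from a hypothetical device root secret and the immutable authentication context, so a cryptogram can be produced only when that same context is presented. The root secret, derivation label and HMAC-based wrap are constructed stand-ins for what a real Secure World would do with hardware-backed AES.

```python
"""Toy model of binding payment keys to an immutable authentication context
(example code, not Samsung's implementation). Constructed assumptions: the
Secure World holds a device-unique root secret; the context is a random value
minted once at credential enrolment; a real TEE would wrap keys with AES-GCM,
while an HMAC-based stream cipher plus MAC stands in here (stdlib only)."""
import hashlib, hmac, secrets

ROOT_SECRET = bytes.fromhex("00" * 32)  # constructed device root secret

def new_auth_context():
    """Minted once when fingerprint, PIN and backup password are enrolled."""
    return secrets.token_bytes(32)

def _wrap_key(context):
    # The wrapping key is derivable only for this exact context value.
    return hmac.new(ROOT_SECRET, b"payment-key-wrap" + context, hashlib.sha256).digest()

def _keystream(k, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(k, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def wrap_payment_key(payment_key, context):
    """Encrypt-then-MAC the token key under the context-bound wrapping key."""
    k, nonce = _wrap_key(context), secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(payment_key, _keystream(k, nonce, len(payment_key))))
    return nonce + ct + hmac.new(k, nonce + ct, hashlib.sha256).digest()

def generate_cryptogram(blob, presented_context, txn):
    """Payment-time path: unwrapping succeeds only if the presented context
    equals the one the key was bound to; otherwise no cryptogram is produced."""
    k = _wrap_key(presented_context)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(k, nonce + ct, hashlib.sha256).digest()):
        return None  # context mismatch or tampered blob
    payment_key = bytes(a ^ b for a, b in zip(ct, _keystream(k, nonce, len(ct))))
    return hmac.new(payment_key, txn, hashlib.sha256).digest()[:8]

def demo():
    """Returns (genuine user succeeds, re-enrolled credentials on a stolen device are blocked)."""
    original = new_auth_context()
    blob = wrap_payment_key(secrets.token_bytes(16), original)
    genuine = generate_cryptogram(blob, original, b"txn-1") is not None
    # Wiping and re-enrolling credentials mints a fresh context, not the bound one.
    stolen = generate_cryptogram(blob, new_auth_context(), b"txn-1") is not None
    return genuine, not stolen
```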