Samsung Pay: Advantage over Apple & Google

When I got my new Samsung Galaxy S7 phone, I was lured into trying Samsung Pay. Samsung offered a $30 debit card for trying the wireless payment feature by the end of the month. I bought my phone on March 31 at about 9:30 PM. After driving back to my town, it was already 10:30 PM. Where can I find a place equipped with the latest point-of-sale equipment?

Samsung Pay lets users pay at a register without pulling plastic from a wallet. Just swipe up the app from the bottom of the phone (images of stored credit cards slide across the screen) and wave the phone near a credit card terminal. My authentication is my thumb. The fingerprint scanner built into the phone’s home button is considerably faster than the one on my daughter’s iPhone.

I had assumed that Samsung Pay was essentially identical to Apple Pay and Google Wallet. That is, I assumed that it used the NFC antenna to transmit a short range radio signal into the point-of-sale terminal—or perhaps a Bluetooth or WiFi signal. After all, the three technologies are all built into my new phone. Even my 3 year old Galaxy S4 has these three technologies.

But one thing puzzled me. At a local, all-night pizza shop, the POS system was at least 15 years old. It was an early Veriphone terminal with samsug_galaxy_s7no chip reader, no internet capabilities and an ancient RS-232 cable connecting it to the cash register. It seemed unlikely that NFC or Bluetooth was available for such a relic, even as an aftermaket upgrade. The shop owner agreed that I would have to reach for a real credit card.

Of course, this bothered me, because it was now less than 70 minutes to midnight. I had just purchased a shiny, new phone and the incentive for trying Samsung Pay was about to expire. How many retailers or restaurants are are open on a weekend at midnight? And how many would have a the new payment gear on premises?

Amazingly, when I placed my phone on the old card card reader at the pizza shop, both my phone and the cash register confirmed that I had just paid. I even received an instant message from American Express with a receipt for the pizza! (What?!!). I had seen the TV commercial starring Hannibal Buress even before I bought my new phone, but the main point—that Samsung Pay does not require new equipment nor even a tech savvy merchant—had apparently sailed over my head. 

I thought that this was a fluke. Perhaps someone had installed the new feature into the pizza shop equipment during a maintenance visit. But in the weeks that followed, I used Samsung Pay at even more antiquated cash registers. It even works with a cheap plastic reader plugged into the headphone jack of older phone (see photo). Even more puzzling, many of these merchants had no WiFi and my Bluetooth was turned off. How the heck did it work?!

There is no way that these sellers had NFC or other radio gizmos to accept payment. Yet, there it was! Each time I waived my phone at an ancient cash register, I received an instant receipt from the bank processor over the carrier network. As far as I could tell, it was the only network in the building. No one could explain how my phone had communicated with the old equipment—even with all radios disabled.

Tonight, I came across this article in a Samsung newsletter. It turns out that the ability to communicate with very old equipment really is magic!               [continue below photo]…

Samsung Pay even works with the free Square Reader

Samsung Pay even works with the free Square Reader

Last year, Samsung purchased LoopPay for about $250 million. That company figured out how to create a modulated magnetic field (they call it Magnetic Secure Transmission). A magnetic field emanates from the phone into the mag pickup head within the a card swipe slot (it’s actually a tape-recorder read head tucked into each card reader). The POS terminal thinks that a plastic credit card is being swiped through the payment slot! Amazing!!!

cassette_adapterIt reminds me of the cassette adapters that folks would stuff into car stereos before car makers added audio inputs, USB and Bluetooth. The audio quality is considerably better than using an FM transmitter, because, with the adapter, two polished magnetic tape heads were placed in direct contact with each other. Samsung Pay (formerly LoopPay) figured out how to couple the magnetic data at distance and in any orientation. Cool, guys!…I am really impressed.

Samsung Pay is compatible with almost every pay station in the universe. In theory, you could even use it at an ATM, although I suspect that the software would have to enable it for that purpose. It is the most clever use of backward compatibility and extending the investment of legacy infrastructure that I have encountered.

6 thoughts on “Samsung Pay: Advantage over Apple & Google

  1. Very creative! Can’t help to make you stop and think though about how fragile and vulnerable the system really is 🙂

  2. Hi Frank,

    If you click on the Samsung article (the link is just above the large photo of the card-swipe-phone, above), you will find a strong statement of the forethought and security that is built into the Samsung Pay architecture. Even if the magnetic transmission is tapped (it cannot be encrypted, because it must present valid card-swipe data), the credit card number is temporary, randomized and tokenized.

    Even if data is sniffed in the midst of a payment, it could not be used to steal funds or effect a duplicate payment. Perhaps Samsung has some holes that are yet to be discovered. But this certainly seems to be more secure than the typical USA payment methods: credit (buyer signature) or debit (buyer PIN, but not entered into his own, trusted gadget).

  3. Hi Ellery, my name is Adam and I’m working with Samsung on their Samsung Pay service.

    I just saw your article on Samsung Pay and just wanted to say thanks for posting it. It is always great to hear about first hand experiences. Also, we’re going to try and tweet it in the next few days.

    I couldn’t find you on Twitter, but please let me know if you use it.

    All best,
    Adam Nicholson

    • Great to hear from you, Adam. I really like my new Samsung Galaxy S7. It is the bees knees!

      Samsung Pay and serious water resistance are tremendous value adds over my GS4. They make the upgrade instantly satisfying.

      On the down side (these are relatively minor issues)…

      • I wish that Samsung had not locked out adaptive storage. It is critical to getting value from my 128GB Pro+ SD card.
      • I have loaded my GS7 with Nova Launcher. With the stock Samsung experience, I can’t resize icons or get tighter than a 5×5 home page grid. That’s odd when you consider that the phone has a mind-bending WQHD display.
      • I think that Samsung should buy or license DavDrive. It is only $1.25 to the end user and is worth 20x the cost.

      DavDrive makes the entire phone memory browsable on a local network over WiFi. No USB cables and with drive letter mapping. I am not a developer. But the drive letter mapping is important, because it lets me use my favorite 3rd party disk utils (for example to display files by date, search across folders, scan for viruses, etc.

      Please do keep in touch. I will send you my twitter handle and contact info offline.

      ~Ellery

  4. But that doesn’t make sense? How could the card number be temporary? Randomized and tokenized aside, I don’t understand how Samsung can present a temp card number to a 10+ year old piece of hardware and have a sum total billed to your account.

    Unless maybe it only works with the new “chipped” cards?

    • Hello again, Frank,

      It does not require a new chipped card. Even an old credit authorization terminal is online to the credit card company, of only via dial-up modem. Therefore, you can provide a temporary number that was issued 10 seconds ago and it will still pass muster.

      Similarly, 10 years ago, I used an American Express feature that allowed members to generate a temporary card number for use with an online purchases. The card number and the CCV check-code were authorized for just one purchase and then invalidated. If a dishonest merchant or a network hacker obtained the number and tried use or fence it, it would fail authorization.

Ellery reads all feedback. 1st comment delayed for moderation