This peace of mind is important when navigating our hyperconnected age as cyber threats become more common than you think and are often undetectable until too late. The global cost of cybercrime is expected to surge in the next four years, rising from $9.22 trillion in 2024 to $13.82 trillion by 2028.² Therefore, it is critical to use a device that benefits from an ecosystem of protective measures — such as security updates.

But where do these updates come from, and why do they pop up on your phone so regularly? Deep at the heart of Samsung’s Mobile eXperience Business lies Samsung Project Infinity, a classified operation. Samsung Newsroom met the specialist units within Samsung Project Infinity who safeguard Galaxy devices and users around the clock.

Deep Diving for Unknown Dangers

The Cyber Threat Intelligence (CTI) taskforce is a reconnaissance unit within Samsung Project Infinity along with the Red (RED), Blue (BLUE) and Purple (PURPLE) Teams that go beyond lab conditions to identify real-world dangers. RED and BLUE perform proactive attack and defense functions, seeking out vulnerabilities and taking measures against them. PURPLE is a special operations unit that acts as both a sword and shield for specific critical areas. These teams are strategically deployed in various countries all over the world including Vietnam, Poland, Ukraine and Brazil.

They work covertly. The only time you’ll ever feel their presence is when you get an update containing a security patch.

CTI is dedicated to identifying potential threats and stopping hackers from taking control of your device by staying on top of the latest risks. They work to prevent malicious actions, address threats involving the trade of stolen information and ensure your smartphone or tablet stays securely under your control.

The taskforce protects Galaxy’s internal infrastructure — safeguarding customer data and employee information such as access credentials — since any confidential information stolen by a hacker could be sold or abused for further attacks.

To identify potential threats and deploy countermeasures, CTI regularly explores the Deep Web and the Dark Web — bustling markets for security exploits, spyware, malware, ransomware, illicit tools and confidential corporate and customer information.

Justin Choi, Vice President and Head of the Security Team, Mobile eXperience Business at Samsung Electronics, leads CTI. With over 20 years of experience in the U.S. tech industry as a cybersecurity authority and ethical hacker, Choi has collaborated globally to fortify security for major financial and tech firms. His expertise in identifying and mitigating zero-day threats drives the development of advanced security measures that protect over a billion Galaxy users around the world.

“Occasionally, we engage in security research by simulating real-world transactions,” said Choi. “We closely monitor forums and marketplaces for mentions of zero-day or N-day exploits targeting Galaxy devices, as well as any leaked intelligence that could potentially serve as an entry point for system infiltration.”

As an ethical or “white hat” hacker — whose deep understanding of hacking helps to identify and address vulnerabilities — Choi explained that any hint of suspicious behavior within the system is swiftly traced to its origin.

For example, request for excessive privileges, unexpected behavior, and network traffic with unknown servers could point to a potential breach, at which point CTI traces Indicators of Compromise to identify the threat actors and the purpose of the attacks.

“Once we spot these kinds of threats, we collaborate with developers and operators to lock everything down for preventing attacks,” said Ranger, a CTI member. (Samsung Project Infinity staff protect their identities with aliases to avoid being personally targeted by hackers.) “We even communicate with other departments and partners on private channels to avoid taking any chances.”

CTI also studies threat actors to decipher their behavioral patterns. Understanding their motivations and objectives can help reveal their attack methods and provide insights for fortification.

“Sometimes, an attack is financially or politically motivated,” added Tower, another CTI member. “Sometimes, they just like to show off.”

Eliminating Threats Before They Become Real

While real-time threat detection is crucial, a robust offensive security policy is equally vital. RED and BLUE are inspired by military practices in which a red team simulates enemy attacks and a blue team creates defenses to ensure safety in the face of ever-changing threats. In Samsung’s approach, RED simulates hacker attacks and designs new attack scenarios to identify potential vulnerabilities, whereas BLUE develops and implements patches to protect against them.

Specializing in combating zero-day attacks, the teams address vulnerabilities before they can be exploited to prevent unauthorized access or data breaches. One notable data breach is the Pegasus incident in 2020 that left an operating system vulnerable.

The RED taskforce initiates their project by investigating Galaxy devices. They continuously use and analyze new features in Galaxy and delve into recently disclosed vulnerabilities, while envisioning potential security threats against users. By conducting diverse research, once they select a target that presents any potential risks to actual Galaxy users, the RED taskforce begins their quest to detect 0-day vulnerabilities in the target.

“One thing we do is fuzzing,” said Arrowhead, a RED member. “That throws all kinds of unexpected data at software to uncover any hidden flaws.”

Other methods such as code auditing as well as static and dynamic analyses help develop a comprehensive understanding of a system’s health and safety. The team contextualizes each threat in everyday scenarios to prevent threats to Galaxy devices.

“It’s not so urgent if there’s a flaw with the alarm clock, but a glitch in location data could lead to somebody being unknowingly followed through their device,” added Gate, a BLUE member. “Once we discover a hypothetical weakness, we hurry to patch it and roll out an update to the relevant models.”

The Specialists Among Specialists

PURPLE acts as both aggressor and protector to ensure the security of critical areas, the key features of Galaxy devices. As the name suggests, PURPLE combines elements of RED and BLUE’s skillsets — however, an extra in-depth knowledge of the security measures built into the mobile devices sets this team apart.

“Samsung collaborates with external security researchers to uncover vulnerabilities, but our own intimate knowledge of Galaxy systems allows for more effective targeting of potential weak spots,” said Sphinx, a PURPLE member.

“The better you know a system, the better you can protect it,” added Oracle, another PURPLE member.

Occasionally, PURPLE is called upon to address issues nobody else can including formulating new security requirements, designs and features. Though, it isn’t just about keeping Galaxy devices and the Samsung Knox security platform in good shape. Samsung also advises and proposes solutions to chipset and network vendors depending on their requirements.

Samsung’s position as a hardware leader means the company can not only scale its security innovations but also cover its secure supply chain. In this way, Galaxy is contributing to the security of next generation of chips.

Perhaps surprisingly, the motivation behind this work sometimes has nothing to do with technology. PURPLE members perform with a sense of duty to keep people safe, and they feel a certain pride and satisfaction in finding and addressing vulnerabilities.

“It’s not just me but also my family and friends who use Galaxy,” continued Oracle. “So, let’s make it safe!”

The bar for entry is high, and technical skills alone are not enough. To join the team, one must also demonstrate strength of character since any vulnerabilities discovered by the team could be very profitable in the wrong hands.

“They must be tenacious and moral,” said Choi. “One must be responsible and put users before their personal interests.”

“Being an early adopter and a big reader of tech trends is also useful,” added Sphinx.

A System of Safeguards

CTI, RED, BLUE and PURPLE are critical components of Galaxy’s security strategy — but Samsung Project Infinity juggles many initiatives including the Samsung Mobile Security Rewards Program which works with the wider security community to further scrutinize Galaxy’s defenses.

This year, Samsung has boosted this program with a maximum reward amount of $1 million — its highest cash incentive yet for those who are able to identify the most severe attack scenarios within Galaxy devices.

“It’s crucial to encourage participation from the security community in identifying potential vulnerabilities,” said Choi. “Especially in a world where cyberattacks are increasingly intelligent and disruptive.”

All of this goes hand in hand with Samsung’s longstanding model of collaboration with hundreds of partners including carriers, service providers, chipset vendors and more. While regularly working with these partners as well as the wider community to identify threats and develop patches, Samsung Project Infinity ensures Samsung proactively takes initiative and responsibility for reinforcing its own areas of weakness.

“Just because we have internal specialists, this doesn’t mean we don’t work with others,” added Choi. “Having more eyes gives us a better chance at spotting any vulnerabilities and helps us keep users safe.”

So, are you still ignoring that notification now that you know it is from a team deeply committed to your security? Each of those notifications represents Samsung’s ongoing effort in keeping your data safe.

The next time you see an update, don’t hesitate. Hit “install” and continue your online journey with peace of mind, knowing that there’s a whole team looking out for you.

¹ Timing and availability of security maintenance releases for Samsung Galaxy devices may vary by market, network provider and/or model.
² Statista Market Insight, “Cybercrime Expected To Skyrocket in Coming Years,” Chart: Cybercrime Expected To Skyrocket in Coming Years | Statista

Samsung Electronics announced the enhancement of its Mobile Security Rewards Program, increasing the maximum reward amount to $1 million for eligible security vulnerability reports received from the external security community. This is part of Samsung’s ongoing efforts to foster transparency and increased collaboration in mobile security, with the criteria of the program laid out in the Samsung Mobile Security Risk Classification, which now includes additional classification factors.

Alongside this, Samsung has also published its first security-focused Annual Rewards Program Report, showcasing the most significant highlights since the project’s launch and emphasizing the crucial role of the program’s participants. The Mobile Security Rewards Program complements Samsung’s current offering of up to seven years of security updates,¹ highlighting the company’s commitment to user device safety.

“With cybersecurity attacks becoming increasingly intelligent and more challenging to identify, we actively encourage participation from the security community in finding these threats,” said Justin Choi, Corporate VP & Head of Security Team, Mobile eXperience Business at Samsung Electronics. “Their support helps us to ensure our products are continuously monitored for potential vulnerabilities, enabling us to constantly enhance the protection of our customers. It is critically important that this protection is provided and that user data and information are safeguarded, which is why we prioritize security throughout all our products and services.”

Originally launched in 2017, the program embodies Samsung’s commitment to openness and a collective approach to enhancing mobile security. By collaborating with a wide range of global experts — including cybersecurity researchers, ethical hackers and independent security professionals — the program follows a strategic, systematic and proactive strategy to identify and address vulnerabilities, reinforcing the security of users’ mobile experiences.

The maximum reward of $1 million is part of the newly introduced Important Scenario Vulnerability Program. This initiative focuses on the most severe attack scenarios and vulnerabilities, including arbitrary code execution on highly privileged targets; device unlock and full user data extraction; arbitrary application installations; and bypass of device protection solutions. Partnering with the security community not only reinforces Samsung’s dedication toward a transparent, collaborative framework that continuously adapts to emerging risks, but also speeds up the detection and resolution of these potential critical threats.

Increased Transparency of Rewards Program Criteria

Samsung Mobile Security Risk Classification now offers a more detailed and publicly accessible system for categorizing vulnerabilities, incorporating new considerations such as downgrade factors, which allow a threat’s severity level to be lowered, and an ineligible classification, for threats determined to pose minimal security concerns. The system assigns severity levels based on security risk and impact across five categories: Critical, High, Moderate, Low, and Ineligible or Less-Than-Low Security Impact. This comprehensive approach provides clear guidance for both participants and the broader security community, offering a more structured framework for vulnerability reporting. Additionally, it outlines the conditions affecting the reward qualification and amount.

The program covers all of Samsung’s mobile devices currently receiving monthly, quarterly and biannual security updates. In addition, the program will reward eligible submissions for potential vulnerabilities in the latest Samsung Galaxy services, including Bixby, Samsung Account and Samsung Wallet, among others.

Samsung Releases Inaugural Program Report

In August 2024, Samsung published its first security-focused Annual Rewards Program Report, summarizing the most significant highlights since the project’s launch in 2017. Highlights include the awarding of over $800,000 to 113 researchers in 2023 alone and a total of more than $4 million in rewards paid out by Samsung to security experts around the world to date, underscoring the crucial role of the program’s participants.

The Mobile Security Rewards Program is effective immediately. For additional information, including terms and conditions, please visit the Samsung Mobile Security page.

¹ Timing and availability of security maintenance releases for Samsung Galaxy devices may vary by market, network provider and/or model.

DJ Koh, President and CEO of IT & Mobile Communications Division, Samsung Electronics

Samsung Electronics today announced, at the Samsung Developer Conference 2019 (SDC19), new ways its platforms will enable developers to introduce simpler, more powerful experiences to consumers around the world. Samsung shared its vision for the next era of mobile and connected living, offering inspiration to developers, enterprise leaders, and consumers through innovative experiences with the devices they rely on every day.

“We are fortunate to work with the world’s best developers and designers. Together, we have built an extensive and secure ecosystem of devices and services,” said DJ Koh, President and CEO of IT & Mobile Communications Division, Samsung Electronics. “We continue to make progress toward our vision to be the innovator of new mobile experiences that flow seamlessly and continuously wherever we go.”

Creating Opportunities for Developers through Open, Scalable AI and IoT Platforms

ES Chung, EVP and Head of Software and AI, Mobile Communications Business, Samsung Electronics, outlines plans to enrich Bixby to offer users “countless new ways to integrate intelligence into everything you do.”

To help consumers discover new ways Bixby can work with them to get things done more quickly and easily, Samsung launched Bixby Marketplace earlier this year, creating a way for developers to introduce their Bixby capsules to millions of Bixby users. In the past six months, the size of the Bixby developer community has doubled. And starting in 2020, the Bixby Marketplace will expand gradually, enabling developers to offer their services across more Samsung devices.

To make it easier for developers to create new experiences on its AI platform and ensure consumers have more intuitive experience, Samsung announced enhanced capabilities in the Bixby Developer Studio at SDC19.

• New Bixby Templates makes it easy for developers to create capsules using pre-existing forms so that they don’t have to start from scratch.
• Enhanced Bixby Views enable developers to build capsules with a consistent design even beyond smartphones—to televisions, tablets, smart watches and refrigerators.
• Developers can now register their capsules under Natural Language Categories. When users ask Bixby for help related to a category—such as radio, news, or navigation—Bixby suggests a capsule that can help them get what they need more quickly and easily, even without having to call out exact name of the capsule.

Larry Heck, CEO of Viv Labs, Samsung Electronics, introduces new Natural Language Categories, which simplify how users engage with and discover Bixby capsules.

More consumers than ever are seeing how seamlessly connected devices and services can make everyday life easier. Developers can scale their device and service offerings through Samsung’s IoT platform, SmartThings. Already, developers and partners have brought connected experiences to more than 45 million monthly active users and thousands of compatible devices, and the platform is expected to grow further with the Work as a SmartThings Hub (WASH) program, which allows partners like network operators to embed SmartThings Hub software into their devices.

To help developers build on and integrate existing devices with the SmartThings platform, Samsung announced new capabilities for developers:

• The new Rules API brings to life more automated smart home experiences to reflect individual daily routines across a broad range of SmartThings devices.
• Samsung is launching the SmartThings Device SDK Beta program in early 2020 to enable more third-party manufacturers to create SmartThings-compatible devices.

Samsung continues to invite developers to actively participate in its ecosystem and supports the developer community with several incentive programs—including the Best of Galaxy Store Award, the Samsung Mobile Design Competition, Bixby DevJam and the Samsung Mobile Security Reward program.

Inspiring Developers with New Experiences Across Devices

Samsung continued to refine the mobile experience to allow users to focus on what matters most to them. One UI 2 includes new features that declutter the user interface—making it easier for people to interact naturally, while also making it easier on their eyes. And now, to make both the developer and the user experiences consistent across devices, Samsung is expanding the use of One UI 2 beyond smartphones to tablets, wearables, and new form factors, including foldables.

Sally Hyesoon Jeong, VP and Head of Framework R&D Group, Mobile Communications Business, Samsung Electronics, introduces an all-new, compact form factor for foldable devices.

With the launch of Galaxy Fold, Samsung designed a first-of-its kind mobile experience that is much more than a foldable device. Samsung, alongside hundreds of developers and partners, created an entire foldable ecosystem that continues grow and opens up new possibilities to the mobile experience. As promised at SDC last year, Samsung will continue to explore a range of new form factors in the foldable category. And at SDC19, Samsung invited developers and users alike to join the exploration of exciting new use cases and user experiences.

To deliver the best possible TV viewing experience, Samsung is also investing in 8K technologies. With AI ScaleNet, Samsung has made it possible to stream high-quality 8K videos on networks with lower bandwidth capabilities. Samsung has also announced new tools that make it easier for developers to bring new experiences across the nearly 100 million Smart TVs that are powered by Tizen.

• Wits automatically uploads a code edit to the TV, so developers can see their update almost immediately, significantly trimming development time.
• EasyST makes testing content playback much easier because developers don’t need to build their own test app to make sure their content is streaming as intended.
• TIFA (Tizen Identifier for Advertising) gives consumers the option to limit ad tracking or opt-out of targeted advertising
• Samsung is making Tizen TV OS available to third-party TV makers for the first time.

End-to-End Security Built in Every Solution and Experience

Terry Halvorsen, CIO and EVP, IT of Mobile Communications B2G Business, Samsung Electronics, discusses the importance of stout security solutions like Samsung Knox – particularly in today’s hyperconnected world.

Emerging technologies, such as IoT, AI and 5G, are bringing new capabilities and opportunities to the developer landscape. For Samsung, it means providing the community with the tools and programs necessary to deliver secure and reliable solutions.

Secure Development Lifecycle delivers systematic reviews at every phase of the development, supply chain, and manufacturing process. To give both developers and users peace of mind, Samsung offers the Knox SDK, allowing partners and app developers to integrate advanced security solutions to their apps and services. In addition, Samsung has been working with German government agencies, especially BSI, and industry partners on developing a mobile-enabled eID for digital services to support customers and governments by developing a solid foundation for trusted identity services.

Seungyun Lee, Principal Engineer, Knox Platform for Enterprise, Samsung Electronics, discusses features that make Samsung Knox attractive to developers. “Knox is software that is built around hardware root of trust, not just implemented after the device is built” Lee explains, “giving it a foundation like no other security system in the market.”

Samsung invites developers and partners on its journey to bring new and secure experiences to life. For more information about working with Samsung and the Samsung Developer Conference 2019, please visit sdc.developer.samsung.com. Further information can also be found on Twitter (@samsung_dev) and using the hashtag #SDC19.

SDC19’s keynote event was packed with people eager to learn more about Samsung’s latest innovations

About Samsung Developer Conference
SDC brings together thousands of developers and creators to explore today’s tech and visualize what’s possible in the future. The two-day conference will feature exciting keynote announcements, technical sessions and valuable networking time. Plus, Samsung product teams and technology partners will showcase the latest tech advances and tools.

* All services and programs mentioned above may vary by region.