close

Samsung Mobile Security
Cookie Policy

Updated on May 1, 2021

This Cookie Policy describes the different types of cookies that may be used in connection with Samsung Mobile Security website which is owned and controlled by Samsung Electronics Co., Ltd (“Samsung Electronics”). This Cookie Policy also describes how you can manage cookies.

It’s important that you check back often for updates to the Policy as we may change it from time to time to reflect changes to our use of cookies. Please check the date at the top of this page to see when this Policy was last revised. Any changes to this Policy will become effective when we make the revised Policy available on our website.

Samsung Electronics has offices across Europe, so we can ensure that your request or query will be handled by the data protection team based in your region. If you have any questions, the easiest way to contact us is through our Privacy Support Page at https://www.samsung.com/request-desk.

You can also contact us at:

European Data Protection Officer
Samsung Electronics (UK) Limited
Samsung House, 1000 Hillswood Drive, Chertsey, Surrey KT16 0PS

Cookies

Cookies are small files that store information on your computer, TV, mobile phone, or other device. They enable the entity that put the cookie on your device to recognize you across different websites, services, devices, and/or browsing sessions.

We use the following types of cookies on this website:

Essential Cookies: enable you to receive the services you request via our website. Without these cookies, services that you have asked for cannot be provided. For example, these enable to identify users and provide proper service for each user. These cookies are automatically enabled and cannot be turned off because they are essential to enable you to browse our website. Without these cookies this Samsung Mobile Security website could not be provided.

Cookie Domain Purpose
JSESSIONID security.samsungmobile.com to keep login session
lastActivityTime security.samsungmobile.com to save the user's last activity time to automatically logout after 30 minutes of inactivity

Managing Cookies and Other Technologies

You can also update your browser settings at any time, if you want to remove or block cookies from your device (consult your browser's "help" menu to learn how to remove or block cookies). Samsung Electronics is not responsible for your browser settings. You can find good and simple instructions on how to manage cookies on the different types of web browsers at http://www.allaboutcookies.org.

Go straight to the menu Go straight to the text

Security Reporting

If you have identified a potential security vulnerability in any Samsung Mobile product or software,
please report it here

Please carefully read the reporting guidelines below and Samsung’s security risk classification criteria prior to reporting.

We encourage the reporting party to place the users’ interest first and follow the philosophy of Responsible Disclosure, which involves privately notifying us of any security vulnerabilities before disclosing them fully to allow us to resolve the vulnerabilities and minimize overall risk to users.
Reporting Guidelines

Report via ticketing system

Create Report Samsung Account required JOIN
  • When reporting the security vulnerability you have identified through the ticketing system, you will be able to receive prompt response and track the status of the ticket you reported in real time while directly communicating with a dedicated security analyst. Samsung Account is required to submit a ticket and you need to create a user account if you do not have an existing account.
  • If you would like to submit a security vulnerability report directly to us via email, please send your report to mobile.security@samsung.com including the detailed technical information and encrypted with Samsung Mobile Security’s public PGP key (Fingerprint: F5F3 8EEC 4388 E4E2 9184 78BD BA2D 9A24 CD38 64BE).
  • For quick and accurate analysis, we ask you to provide detailed information and we may ask you to provide additional information if necessary.
Required Information
  • Firmware version of affected products
  • Description of potential vulnerability as detail as possible
  • Steps to reproduce the issue
  • Proof of Concept (PoC) (including video, image, APK, sample code, etc.)
  • Expected correct behavior or workaround
  • Disclosure plans, if any
  • In order to maximize the effectiveness of our response processes and lower time spent on understanding the specific concern, we ask you to submit high quality reports, including a written description of the vulnerability, information on respective source code snippets or binary analysis, and proof-of-concept code or any other supporting material that helps assessing the vulnerability quickly and effectively. Reports must provide a convincing case for the security impact of the reported issue. If you are not familiar with writing a technical report or write-up on security vulnerabilities, you may refer to one of our High-Quality Report samples.
  • Please note that you may experience delays from receiving response regarding your report, and we recommend submitting your report through the ticketing system for prompt response.

Investigating and reporting bugs

Note that two reporting channels linked above are intended for reporting security vulnerabilities of Samsung Mobile products and its related services. If the identified potential vulnerability applies to other Samsung products or services, please visit here to report to the corresponding business unit’s reporting channel.
Responsible Disclosure Policy
  • At Samsung, we take security and privacy issues very seriously, and we value the security research community with our commitment to address potential security vulnerabilities as quickly as possible. The responsible disclosure of security vulnerabilities helps us ensure the security and privacy of our end-consumers.
  • We ask our security research community to:
    • Make every effort to avoid privacy violations, degradation of user experience, disruption to internal or external servers, and destruction of data or physical assets during security testing;
    • Use reporting guidelines stated above to report details of potential vulnerabilities as complete as possible; and
    • Keep information about the potential vulnerability discovered confidential between yourself and Samsung until we have remedy in place.
    • Restrain from using any exploits or vulnerabilities for commercial or business purpose.
  • In return, we commit to:
    • Work with you to understand and resolve the potential vulnerability quickly;
    • Make our best effort to resolve security vulnerabilities, and release patches to end-consumers within 90 days; and
    • Reward you, if you choose to participate in our Samsung Mobile Security Rewards Program, and recognize your contribution through our Acknowledgements for eligible reports.
close
Report Guidelines
  • For quick analysis, the following information is required:
    • Firmware version of affected products
    • Vulnerability type and category
    • Description of potential vulnerability as detail as possible
    • Steps to reproduce the issue
    • Proof of Concept (PoC) (including video, image, APK, sample code, etc.)
    • Expected correct behavior or workaround
    • Disclosure plans, if any

In order to maximize the effectiveness of our response processes and lower time spent on understanding the specific concern, we ask you to submit high quality reports, including a written description of the vulnerability, information on respective source code snippets or binary analysis, and proof-of-concept code or any other supporting material that helps assessing the vulnerability quickly and effectively. Reports must provide a convincing case for the security impact of the reported issue