Even though it's transmitting via a magnet, Samsung Pay seems to be set up to maintain security. It uses tokenization, which means that your actual credit card isn't sent, instead it uses a temporary one that Visa or Mastercard creates for you. It's also storing that information in a "trusted execution environment," which keeps it isolated from any app that might want to access it. Apple Pay also keeps that information in a secure element, but Samsung was quick to point out that Android Pay doesn't (though it is also tokenized, so the risk is lessened).
SWIPE UP, UNLOCK, TAP, DONE
There are a few places where the MST technology won't work, namely any credit card reader that requires a physical trigger to activate the card read. That means that ATMs and gas pumps won't really work with Samsung Pay, but most stores will.
Samsung says that it's not taking a transaction fee from card issuers, but it is acting as a conduit for some of your transaction information. It sends that along to your phone so you can get receipts, but Graylin says that "we just pass it through" and that Samsung isn't collecting that data.
Samsung Pay is launching in Korea on August 20th and in the US on September 28th — though a software update which enables it will come sooner. It also says "select US users" will be able to take part in a beta test beginning on August 25th. The service is also planned for the UK, Spain, and China.