PYMNTS MonitorEdge May 2024

Making Sense of the Post-Quantum Payments Landscape

quantum computing

World Quantum Day is coming up in a little over a week, on April 14. But the international event aimed at promoting public awareness and understanding of quantum science isn’t the infamous “Quantum Day” that has kept security experts worried since the turn of the century. 

That particular day, colloquially known in the cybersecurity space as “Q-Day,” is the day when quantum technology has advanced to the point where its commercial applications and availability could be used to compromise and fundamentally undermine the encryption protocols that corporations, banks and national governments around the world have relied on for decades to protect sensitive data and information. 

The threat is a very real and existential one, as the unraveling of traditional encryption could shatter the world of privacy and security as we know it. 

This, as Microsoft and Quantinuum on Wednesday (April 3) announced that they’ve reached a new quantum computing milestone, one that has made the next phase for solving meaningful problems with reliable quantum computers a reality. 

What that means is that Q-Day is already that much closer to becoming its own reality, which will fundamentally transform the finance and payments industries. 

Read alsoQuantum Computing Could Change Everything

Understanding the Threat of Quantum Computing as the Ultimate Codebreaker

As PYMNTS has written, quantum computers are superpowered computers that use principles of quantum mechanics, quite literally phase shifts among subatomic particles, to perform incredibly sophisticated operations using parallel processing capabilities. Long the realm of science fiction, these powerful machines will be here and commercially viable within the next decade, if not sooner. 

The fundamental problem is that most of today’s encryption relies on the difficulty of certain mathematical problems, such as factoring large numbers or computing discrete logarithms.

Quantum computers will be able to efficiently solve these mathematical problems — many of which would have previously taken billions of years of computing time — in the metaphorical blink of an eye, rendering many widely used encryption algorithms — such as RSA (Rivest-Shamir-Adleman, the surnames of computer scientists who created the program) and ECC (Elliptic Curve Cryptography) — vulnerable.

What that means, is that in a post-Q-Day landscape, digital transactions, even entire stock exchanges, could be overrun by fraudsters — along with the security of other critical financial infrastructure. 

Already, in a move to improve the security of its iMessage app, Apple announced in February that it is upgrading its encryption system to fend off potential quantum computing attacks.

The danger is not just tied to the future. In true quantum form, past data breaches also represent new opportunities in a post-quantum landscape. That’s because bad actors who are sitting on troves of illicitly obtained encrypted data will be able to unlock them using quantum computing methods. 

As Michael Jabbara, global head of fraud services at Visa, told PYMNTS last March, bad actors are already starting to steal and hold onto encrypted data in preparation for quantum computing tools to enter the market and allow them to decrypt the information. 

Read moreSeizing Quantum Computing’s Opportunities Within Payments and Finance 

Post-Quantum Cryptographic Algorithms

But while the threat of quantum computing is real, so are the opportunities.

For those taking a rosier view of Q-Day, today’s world is already increasingly under attack via digital channels from bad actors. Just look at last month’s cyberattack on Change Healthcare and the far-flung ripple effects that had. Using quantum computing for illicit means is just a more expensive way for bad actors to do what they have always done: probe vulnerabilities and look for easy targets. 

When it comes to ensuring the security and encryption of future transactions and payments, the National Institute of Standards and Technology (NIST), a federal agency, has already made a selection of post-quantum compute algorithms which it recommends for wider use.

“If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use. This would seriously compromise the confidentiality and integrity of digital communications on the Internet and elsewhere. The goal of post-quantum cryptography (also called quantum-resistant cryptography) is to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks,” the agency said. 

“The physical world is defined by quantum mechanics. The more effectively we can understand those interactions and then model those interactions, the more efficiently and effectively you can build predictive models,” Chris Hume, senior director of business operations for SandboxAQ, told PYMNTS.

“With the algorithms that we’re developing combined with the classical computer hardware that’s available today, you can build better predictive models, and that’s the exciting part. And that’s the opportunity at hand,” Hume added.