Views: 21
As quantum computing approaches practical deployment, today’s encryption methods, once considered robust, are becoming vulnerable. In this context, the banking sector—with its SWIFT, EBICS, SIC SASS networks and multi-year IT investment cycles—must anticipate a major disruption. FINMA 2018/3, FINMA 2023/1 and DORA regulations are increasing pressure on CIOs and CISOs to assess their exposure to “harvest now, decrypt later” and plan a transition to post-quantum cryptography. This article provides an analysis of the risks specific to financial infrastructures and a step-by-step roadmap to manage the quantum threat.
The Stakes of the Quantum Threat for Banking Cryptography
The rise of quantum computing calls into question the security of asymmetric cryptography used by banks. Sensitive traffic—whether transmitted via SWIFT, Open Banking or banking cloud—is now exposed to a future mass-accelerated decryption capability.
Impact on Asymmetric Cryptography
Public-key algorithms like RSA or ECC are based on the difficulty of factorization or the discrete logarithm problem. A sufficiently powerful quantum computer could leverage Shor’s algorithm to reduce these complexities to polynomial time, effectively breaking their security. Keys of 2048 or 3072 bits, considered secure today, would become obsolete once confronted with just a few thousand stable qubits.
In a banking environment where confidentiality and integrity of transactions are paramount, this evolution directly threatens guarantees of non-repudiation and authentication. Electronic signatures, SSL/TLS certificates, and encrypted API exchanges could be compromised.
The vulnerability is not theoretical: malicious actors can already collect and store encrypted traffic for future decryption, as soon as the necessary quantum power is available. This is the so-called “harvest now, decrypt later” strategy, which is particularly concerning for long-lived or regulated data.
The “Harvest Now, Decrypt Later” Phenomenon
In the “harvest now, decrypt later” scenario, an attacker intercepts and stores large volumes of encrypted communications today in anticipation of future quantum capabilities. Once the technology is available, they can retroactively decipher sensitive data, including historical records or archived information.
Banks often maintain transaction archives spanning decades for compliance, audit or reporting purposes. These datasets represent prime targets for future decryption, with serious regulatory and reputational consequences.
The absence of a migration plan to quantum-resistant algorithms therefore exposes financial institutions to risks that cannot be mitigated by late updates, given the lengthy IT project timelines in this sector.
Specific Banking Constraints
Banks operate in a complex ecosystem: SWIFT messaging, ISO20022 standards, EBICS connections, national payment rails like SIC SASS, and Banking-as-a-Service offerings. Each component uses proprietary or shared infrastructures and protocols, making cryptographic overhauls particularly challenging.
Validation cycles, regression testing, and regulatory approvals can span several years. Modifying the cryptographic stack involves a complete review of signing chains, HSM appliances, and certificates, coordinated with multiple partners.
Furthermore, the growing adoption of banking cloud raises questions about key management and trust in infrastructure providers. The quantum migration will need to rely on hybrid architectures, orchestrating on-premise components with cloud services while avoiding vendor lock-in.
Example: A large bank identified all its SWIFT S-FIN and ISO20022 flows as priorities for a quantum assessment. After mapping over 2,000 certificates, it initiated a feasibility study to gradually replace ECC algorithms using nistp-256 with post-quantum alternatives within its HSM appliances.
Assessing Your Exposure to Quantum Risks
Rigorous mapping of critical assets and data flows identifies your quantum vulnerability points. This analysis must encompass SWIFT usage, Open Banking APIs and your entire key lifecycle management, from creation through to archival.
Mapping Sensitive Assets
The first step is to inventory all systems relying on asymmetric cryptography. This includes payment servers, interbank APIs, strong authentication modules, and encrypted data-at-rest databases. Each component must be catalogued with its algorithm, key size and validity period.
This process is based on contextual analysis: an internal reporting module handling historical data may pose a greater risk than a short-lived notification service. Priorities should be set according to business impact and retention duration.
A comprehensive inventory also distinguishes between “live” flows and archives, identifying backup media and procedures. This way, data collected before the implementation of quantum-safe encryption can already be subject to a re-encryption plan.
Analysis of SWIFT and ISO20022 Flows
As SWIFT messages rely on heterogeneous and shared infrastructures, regulatory update timelines apply. Secure gateways such as Alliance Access or Alliance Lite2 may require specific patches and HSM reconfigurations.
For ISO20022 flows, the more flexible data schemas sometimes permit additional signature metadata, facilitating the integration of post-quantum algorithms via encapsulation. However, compatibility with counterparties and clearing infrastructures must be validated.
This analysis should be conducted closely with operational teams and messaging providers, as SWIFT calendars form a bottleneck in any cryptographic overhaul project.
Investment Cycle and Quantum Timeline
Bank IT departments often plan investments over five- or ten-year horizons. Yet, quantum computers with disruptive capabilities could emerge within 5 to 10 years. It is crucial to align the cryptographic roadmap with the renewal cycles of appliances and the HSM fleet.
One approach is to schedule pilot phases as part of the next major upgrade, allocating budget slots for post-quantum PoCs. These initiatives will help anticipate costs and production impacts without waiting for the threat to become widespread.
Planning must also integrate FINMA 2023/1 requirements, which strengthen cryptographic risk management, and DORA obligations on operational resilience. These frameworks encourage the documentation of migration strategies and demonstrable mastery of quantum risk.
Edana: strategic digital partner in Switzerland
We support mid-sized and large enterprises in their digital transformation
A Progressive Approach to Post-Quantum Cryptography
An incremental strategy based on proofs of concept and hybrid environments limits risk and cost. It combines quantum-safe solution testing, component modularity and team skill development.
Testing Quantum-Safe Solutions
Several families of post-quantum algorithms have emerged: lattice-based (CRYSTALS-Kyber, Dilithium), code-based (McEliece) or isogeny-based (SIKE). Each solution presents trade-offs in key size, performance and implementation maturity.
PoCs can be deployed in test environments, alongside existing RSA or ECC encryption. These experiments validate compatibility with HSM appliances, computation times, and transaction latency impact.
An open and evolving reference framework should guide these trials. It integrates open-source libraries, avoids vendor lock-in and guarantees portability of prototypes across on-premise and cloud environments.
PoC
Hybrid Migration and Modularity
The recommended hybrid architectures use modular encryption layers. A microservice dedicated to key management can integrate a quantum-safe agent without disrupting the main business service. This isolation simplifies testing and scalable rollout.
Using containers and Kubernetes orchestrators enables side-by-side deployment of classical and post-quantum instances, ensuring controlled switchover. APIs remain unchanged, only the encryption connectors evolve.
This approach aligns with an open-source and contextual methodology: each bank adjusts its algorithm catalog based on internal requirements, without hardware or software lock-in.
Proof-of-Concept Management
A quantum PoC involves setting up an isolated environment that replicates critical processes: SWIFT sending and receiving, ISO20022 data exchanges, secure archiving. Teams learn to orchestrate post-quantum key generation, signing and verification cycles.
The PoC enables encryption and decryption volume tests, measurement of CPU/HSM consumption and assessment of SLA impact. Results feed into the business case and the technical roadmap.
This pilot delivers an internal best-practice guide, facilitates regulatory dialogue and reassures senior management about the migration’s viability.
Integration into Your Infrastructures and Regulatory Compliance
Integrating post-quantum cryptography into your systems requires a robust hybrid architecture and adapted governance processes. Compliance with FINMA and DORA standards is a prerequisite for the validity of your transition plan and proof of operational resilience.
Interoperability and Hybrid Architectures
Quantum-safe solutions must coexist with existing infrastructures. The hybrid architecture relies on encryption microservices, PKCS#11-compatible HSM adapters and standardized APIs. Exchanges remain compliant with SWIFT and ISO20022 protocols, while encapsulating the new cryptography.
This modularity decouples cryptographic appliance updates from the application core. Operational teams can manage independent releases, reducing regression risk and accelerating deployment cycles.
Using containers and cloud-agnostic orchestrators enhances scalability and avoids vendor lock-in. Best-in-class open-source tools are favored for encryption orchestration, key management and monitoring.
Meeting FINMA and DORA Requirements
FINMA 2018/3 introduced IT risk management, and Circular 2023/1 increases focus on emerging technologies. Banks must document their exposure to quantum threats and the robustness of their migration strategy.
DORA, currently being implemented, mandates resilience tests, incident scenarios and regular reporting. Including the quantum threat in business continuity and crisis exercises becomes imperative.
Proofs of concept, independent audits and cryptographic risk dashboards are key components of the compliance dossier. They demonstrate control over the transition to quantum-safe and the institution’s ability to maintain critical services.
Monitoring and Continuous Updates
Once deployed, post-quantum cryptography must be subject to ongoing monitoring. Monitoring tools trigger alerts for HSM performance degradation or anomalies in encryption cycles.
Automated regression tests validate new algorithms on each release. Centralized reports track key usage and the evolution of the classical/post-quantum blend, ensuring traceability and visibility for IT steering committees.
Finally, a technology watch program, combined with an open-source community, ensures continuous adaptation to NIST recommendations and advancements in quantum-safe solutions.
Anticipate the Quantum Threat and Secure Your Data
The quantum threat is fundamentally transforming the asymmetric encryption methods used by Swiss and European banks. Mapping your assets, testing post-quantum algorithms and building a contextualized hybrid architecture are key steps for a controlled transition. Integrating FINMA and DORA compliance into your governance ensures resilience and stakeholder trust.
Whatever your maturity level, our experts are by your side to assess your exposure, define a pragmatic roadmap and manage your quantum-safe proofs of concept. Together, let’s build a robust, scalable strategy aligned with your business objectives.
