The Emerging Payments Association of Asia (EPAA) has released a report detailing how quantum computing may worsen the payments fraud landscape and highlighting the necessary steps financial institutions must take to prepare for its mainstream adoption.
The report emphasizes that “bad actors” may be collecting encrypted data, including credit and banking information, personal data, and transaction logs, in anticipation of using quantum technology to decrypt these files. To counter this threat, the industry needs to proactively engage with quantum technology.
Camilla Bullock, CEO of EPAA, stressed the urgency of addressing this issue: “The work we need to do as an industry starts today, or it should have started one year ago. When quantum technology becomes available, it will be too late. We need to migrate the encryption today.”
Data encryption is critical in digital wallets, open banking, and instant payment systems across Asia, yet not all payment providers have implemented quantum resilience protocols.
Bullock highlighted the complexity of the migration process: “The simplest payment may involve twenty encryptions, while the most complex could have over one hundred. Organizations need to identify where encryption is used. Each encryption varies depending on its implementation. The goal is to upgrade to quantum-safe algorithms, which are available, but requires pinpointing where encryption exists within the organization.”
The report evaluated the quantum readiness of nearly 200 industry participants across Australia, Hong Kong, Singapore, and Malaysia. Only 20% of respondents reported being “very familiar” with the quantum threat to current cryptography. The paper also includes a step-by-step guide for organizations on addressing the quantum computing threat.