Quantum computing is no longer an abstract concept confined to research labs. As quantum machines advance, they pose a real and growing threat to the cryptographic foundations that secure global payments. It has now become a key strategic inflection point for the financial sector.
As we enter 2026, there is an urgency to prioritise the quantum resilience journey before attackers and bad actors can strike first.
Recognising the very clear quantum risk
The US National Institute of Standards and Technology (NIST) has released the first finalised post-quantum cryptography (PQC) standards, which include algorithms for encryption that have been specifically designed to mitigate the potential risks quantum computers pose.
Meanwhile, global intelligence agencies are warning of “harvest now, decrypt later” tactics where attackers capture encrypted financial data today, waiting to unlock it once quantum computers can break current algorithms. Every encrypted transaction, message, and digital signature could be exposed once a cryptographically relevant quantum computer comes online. It is therefore a clear risk that must be addressed now.
Why 2026 will be a decisive year
2026 will be an inflection point in the battle for quantum resilience. Three core factors are converging, making it imperative businesses take action now:
1. New standards, same urgency: NIST’s CRYSTALS-Kyber and Di lithium algorithms provide a roadmap for post-quantum security, and institutions are urged to begin adoption immediately
2. Rising regulatory pressure: regulatory bodies including the G7 Cyber Expert Group and numerous national regulators are increasingly probing banks on their quantum preparedness
3. Active threat landscape: from organised crime syndicates to nation states, numerous well-funded adversaries are believed to be stockpiling encrypted payment data in preparation for the time when quantum computing can decrypt it
The message for 2026 is clear: act now to mitigate the risks of quantum computing tomorrow.
Becoming leaders in secure digital innovation
Quantum resilience can also play a role in enhancing the reputation of those that lead its adoption. Looking beyond regulatory alignment, quantum safe systems can provide fundamental operational resilience for critical national infrastructure. It also demonstrates to the customer a proactive attitude toward protecting sensitive data and long-term privacy.
Those that act early can be positioned as leaders in secure digital innovation. They’ll not only protect their systems, they’ll strengthen customer confidence and gain a reputation as a trusted innovator.
A framework to be quantum-ready
The path to quantum-ready begins today. A practical and realistic framework to get started is to:
1. Inventory all cryptographic assets and dependencies
2. Assess crypto-agility – the ability to switch algorithms without disrupting operations
3. Engage vendors and partners to ensure ecosystem-wide resilience
4. Monitor evolving standards and pilot PQC solutions in low-risk environments
5. Adopt structured risk analysis methodologies to prioritise action and investments logically
These steps form the foundation for a controlled, cost-effective transition to quantum-safe security.
An opportunity to rethink security
While the quantum threat is real and must be acted on as a top priority, it also presents a unique opportunity to completely rethink and modernise security. Quantum resilience can become a catalyst for innovation, enabling more agile, future-proof payment systems.
Quantum computing may rewrite the rules of cryptography, but with preparation, it doesn’t have to undermine the foundations of digital finance. The technology to do better now exists, so we need to do better.
About the author:
Raphaël Guilley, SVP Consulting, Consult Hyperion, consulting by Fime.
