Insider Small
- To address security concerns posed by quantum computing, FS-ISAC released advice to assist the payment card industry in moving to quantum-resilient encryption.
- The guidance includes a business-focused papers and three professional use instances covering card supply, purchase forwarding, and ATM/POS systems to enable practitioners with movement strategies.
- Industry experts emphasize the importance of accelerating the implementation of quantum-resistant standards, making the program emphasize the need for classical migration strategies to prevent disruptions.
PRESS RELEASE: When quantum computers become widely available, they will make it possible for the payment card industry (PCI) to process payments much more quickly and effectively. They will also disable several different data encryption methods that the sector relies on to secure consumer payment. To avoid that, the payment card industry may begin the hard but important task of migrating to quantum-resilient crypto. , the member-driven, not-for-profit firm that advances security and endurance in the global financial system, and its have published a series of documents outlining the obstacles and challenges posed by quantum computing for the payment card industry, and frameworks for quantum-resilient change.
” Quantum computing will help firms in solving problems that are too complicated and time-consuming for today’s computers, but it could harm existing encrypted security, such as that of the card transaction ecosystem”, said Mike Silverman, FS-ISAC’s Chief Strategy &, Innovation Officer. The direction in this paper is the result of coordinated efforts by industry experts to replace outdated encryption techniques with quantum-resistant standards.
The Impact of Quantum Computing on the Payment Card Industry, a paper intended for business leaders, discusses crucial steps for implementing quantum-resilient cryptography and upholding cyber hygiene. It advises strong access controls to restrict access to cardholder data, encryption of sensitive data during storage and transmission, regular system updates and patches, secure coding practices, robust monitoring and auditing, and comprehensive risk assessments to identify vulnerabilities. Additionally, it emphasizes the value of mitigation strategies to improve detection and response capabilities to effectively address adversarial attacks, as well as ensuring the ongoing security of the post-quantum PCI ecosystem.
To further assist PCI practitioners and technologists in migrating to quantum-resilient cryptography, FS-ISAC developed three detailed use cases that offer insights into cryptographic assumptions, quantum’s impact, mitigation techniques, and the current industry status of key PCI elements. These papers are:
· Card Provisioning Setup and Cardholder Data Provisioning
· Card-Present Transaction Routing and Authorization and Card-Not-Present Transaction Detail and Routing
POS and ATM Card Capture, POS and Setup with Backend Acquiring Systems, and
By developing a quantum migration strategy early, businesses can save a lot of money and build a safety net that reduces the risk of disruptions, according to Oscar Covers, Policy Advisor Cyber Security of the . The proactive approach of the FS-ISAC Post Quantum Cryptography Working Group provides important guidelines that will aid in the development of a robust framework. With it, the industry can lessen the likelihood of disruption in the world’s financial system.