The evolution of quantum technology requires financial institutions to anticipate the gradual obsolescence of current cryptographic mechanisms. Post-quantum cryptography (PQC), also referred to as post-quantum encryption, aims to ensure the long-term protection of sensitive data and critical infrastructure against these new computing capabilities.
The cryptographic algorithms used to secure payments, transactions and customer data are facing increasing exposure, not only in the medium term, but already today through harvest-now-decrypt-later strategies. This data could later be exploited using quantum computers. The European roadmap supported by the Commission sets out that:
Each member state should begin the transition to PQC by the end of 2026
Critical infrastructure should migrate to post-quantum mechanisms by the end of 2030 at the latest
Experts estimated in 2023 that the probability of a quantum computer being able to break RSA-2048 within 24 hours will increase significantly in the coming years.
$2 trillion: estimated potential cost of a quantum attack disrupting access to the Fedwire Fund Service for one of the five largest financial institutions (Hudson Institute, 2023)
The transition to post-quantum cryptography is a complex and long-term programme. Previous migrations of security standards show that this type of transformation can take 10 to 15 years (CEPS, December 2025)
Migration to post-quantum algorithms is therefore a major transformation programme that requires anticipation, prioritisation and strong governance.
Sopra Steria supports banks and insurers in assessing, planning and implementing a pragmatic and progressive PQC strategy.
Inventory of cryptographic uses and assets
Vulnerability analysis and risk mapping
Identification of critical systems (payments, customer data, key infrastructure)
Migration plan aligned with your maturity and operational constraints
Implementation of hybrid architectures (classical and post-quantum algorithms)
Deployment of crypto-agility to ensure system scalability
Support from specialised partner tools, such as CryptoNext, to complement our expertise and accelerate analysis and implementation
Multi-vendor benchmarking and comparative testing
Progressive and interoperable integration with existing systems
Compliance with current standards and recommendations
Change management support and team training
Integrated expertise
We have expertise in quantum technology, advanced cybersecurity and the regulatory requirements specific to financial services.
An independent approach
Through an objective assessment of market solutions, we select the options best suited to your technical, economic and sovereignty-related challenges.
End-to-end support
From the initial audit to production deployment, our support is based on structured management of risks and operational impacts.
A long-term vision
PQC is part of a broader strategy for digital resilience and the long-term protection of information assets.
With more than 50 years of expertise and extensive experience in supporting banks and financial institutions, Sopra Steria is a key player in the digital transformation of the banking sector.
Sopra Steria is far more than an IT services provider. We are a strategic partner committed to the success of your projects. We provide our expertise and support, from integration through to full operational adoption of the solution, and beyond.