Quantum computing is one of the hottest topics in technology, and its potential impact on payments has sparked both excitement and confusion. As the industry races to prepare for a quantum future, myths and misconceptions abound. Let’s set the record straight and explore what quantum payments really mean for financial institutions, businesses, and consumers. 

Myth 1: The Quantum Threat Is Far Off 

Some believe quantum risks are decades away, but experts warn that the threat is already here. Hackers are collecting encrypted payment data now, hoping to decrypt it later when quantum computers become powerful enough – a tactic known as “harvest now, decrypt later.” Regulators have started probing to understand the quantum-safe measures financial institutions are planning and taking. Cybersecurity and other industry leaders are urging immediate action to future-proof payment systems. 

Myth 2: Only Larger Organizations Need to Worry 

Quantum risks affect every consumer and organization in the payments ecosystem, regardless of size (e.g., financial institutions, processors, and merchants). Every encrypted transaction, from ACH, instant payments, card payments to digital wallets, could be vulnerable if not upgraded to quantum-safe standards. 

Myth 3: Quantum Payments Need Quantum Computers 

It’s easy to assume that “quantum payments” must involve quantum computers. In reality, most quantum-safe solutions including post-quantum cryptography (PQC) run on the same classical computers we use today. PQC algorithms are designed to withstand attacks from quantum computers, but you don’t need quantum hardware to implement them. Even quantum key distribution, which uses quantum physics for security, doesn’t require quantum computers in your payments infrastructure. 

Myth 4: Quantum-Safe Algorithms Are Plug-and-Play 

Switching to quantum-safe cryptography isn’t as simple as swapping out old algorithms for new ones. The National Institute of Standards and Technology (NIST) finalized its first set of post-quantum cryptography (PQC) standards to protect against future quantum computer attacks. The four algorithms (ML-KEM, ML-DSA, SLH-DSA and FN-DSA¹) are designed to replace vulnerable public-key systems and ensure long-term data security. These quantum-safe options use different mathematical foundations than classics like RSA or ECC. Implementing PQC means evaluating key sizes, performance, and compatibility with existing systems. It’s a careful process, not a quick fix. 

Myth 5: Quantum Computing Will Replace Classical Computing 

Quantum and classical computing will coexist for years to come. Quantum computers excel at solving specific problems, like breaking certain cryptographic codes, but classical computers remain essential for everyday payment processing and implementing post-quantum cryptography (PQC). 

Myth 6: Quantum-Safe Algorithms Are Always Slower 

Contrary to popular belief, quantum-safe algorithms can be as efficient or even more efficient than classical ones, depending on how they’re implemented. The key is choosing the right algorithm and parameters for your specific needs. NIST released its post-quantum encryption standards in 2024, NIST Releases First 3 Finalized Post-Quantum Encryption Standards. 

Myth 7: The Payments Industry Is Ready 

Surveys show that many payment professionals aren’t familiar with quantum risks and coordinated industry action is still needed. Awareness and readiness lag the urgency of the threat. 

Why This Matters 

Quantum payments aren’t science fiction; they’re a real and urgent challenge. The good news? Quantum-safe solutions are available now, but they require careful planning, ongoing vigilance, and collaboration across the industry. It’s time to act. Future-proofing payment systems will protect all stakeholders from financial institutions, businesses and consumers, and the integrity of global finance. 

Learn more about quantum-safe payments in the paper, "Protecting Payments
in the Quantum Era: Setting a Course for Action," published by the Nacha Payments Innovation Alliance Quantum Payments Project Team.

Go to the Quantum-Safe Payments Blog Series

¹NIST Approved Algorithms Definitions 

• ML-KEM (formerly CRYSTALS-Kyber) – Key Encapsulation Mechanism for secure key exchange. Known for speed and small key sizes, making it efficient for large-scale deployment.
• ML-DSA (formerly CRYSTALS-Dilithium) – Digital Signature Algorithm recommended as the primary signature scheme due to robustness and reliability.
• SLH-DSA (formerly SPHINCS+) – Hash-based Signature Algorithm offering mathematical diversity and resilience against unforeseen lattice-based vulnerabilities.
• FN-DSA (formerly FALCON) – Lattice-based Signature Algorithm optimized for small, fast signatures, expected in draft standard form by late 2024.