Quantum Technologies: Transforming Security for Telecom, Banking, Debit and Credit Cards

As organizations race to secure customer data in an increasingly connected world, phone numbers have become a critical vulnerability. Serving as a key layer in multi-factor authentication (MFA), transaction verification, and payment systems, they have become prime targets for cyberattacks.

This is where quantum technology emerges as a game-changer in strengthening financial security, especially with the rise of identity theft and sophisticated threats. Quantum technology offers advanced encryption and authentication solutions that combat current cyber threats and future-proof systems against the quantum-enabled risks ahead.

A Glimpse Into 2024: Data Breaches and Cyber Vulnerabilities

Let’s look at India, a booming digital payment industry that had approximately $3bn monthly transactions in 2023, according to Astute Analytica. This rapid growth increased cyberattacks and data breaches, particularly in healthcare, hospitality, and banking.

A think tank Data Security Council of India (DSCI) report saw an alarming average of 702 potential security threats detections every minute in 2024^, with incidents ranging from massive data leaks to the sale of personal information. Some of them include:

• BSNL Security Breach: In June 2024, a massive data breach exposed 278GB of sensitive information, including international mobile subscriber identity (IMSI) numbers, SIM card details, and critical security keys.
• Airtel Data Compromise: In July 2024, the personal data of 375 million users, including names, birth dates, Aadhaar numbers, and addresses, was offered for sale on the dark web for $50,000 in July 2024.
• Dark Web Sale of 750mn Telecom User Records: One of the largest breaches in recent times occurred in early 2024 when the personal data of 750mn (1.8TB) telecom users in India was sold online.
• Data Breach of the eMigrate Portal: A hacker allegedly breached the eMigrate portal, a government platform for legal emigration for blue-collar workers, in June 2024, claiming to have accessed data from 200,000 user accounts. 

These breaches highlight the urgent need for robust security measures to protect sensitive information tied to phone numbers, banking accounts, and payment systems.

Existing Security Concerns

1. Vulnerabilities of Phone Numbers in Banking

   Some of the common attacks with phone numbers include:

   • SIM Swapping: Fraudsters exploit telecom security weaknesses to hijack phone numbers.
   • Phishing Attacks: Users are tricked into revealing OTPs or other confidential banking information.

2. The Role of OTPs and Encryption

   The effectiveness of OTPs is a shared responsibility among several parties:

   Focus areas (Banking):

   • Encryption of financial data (bank accounts, credit, debit cards, etc)
   • Security of their systems
   • MFA implementation

   Focus areas (Telecom):

   • Security of their communication networks
   • Implementation of protective measures against SIM swapping attacks

As vulnerabilities in current security protocols become more apparent, quantum technology offers a new paradigm that could fundamentally transform how we protect sensitive information.

Quantum Technology: The Next Frontier in Security

Quantum computing promises unparalleled advancements in securing financial data. This technology addresses modern, complex security challenges by leveraging quantum mechanics principles like superposition and entanglement.

The US Department of Commerce’s National Institute of Standards and Technology (NIST) has recognized its power, establishing new standards to protect sensitive information. Last year, NIST Director Laurie E. Locascio even stated, “These finalized standards are the capstone of NIST’s efforts to safeguard our confidential electronic information.”

As quantum computing evolves, several advanced cryptographic technologies are emerging to strengthen security in the digital landscape and future-proof data for the quantum era.

1. Post-Quantum Cryptography (PQC)

   PQC algorithms are designed to replace encryption standards like Rivest Shamir Adleman (RSA) and Elliptic Curve Cryptography (ECC). Key areas in PQC focus on lattice-based, hash-based, and code-based cryptography, as well as multivariate polynomial equations.          
   NIST has finalized a core set of encryption algorithms to withstand attacks from quantum computers. These algorithms protect sensitive financial data, such as OTPs, debit/credit card numbers, and bank account information, from future quantum-enabled hackers.

   • Leading providers: Google Quantum AI and D-Wave

2. Quantum Key Distribution (QKD)

   QKD uses quantum mechanics to create unbreakable encryption keys and detect eavesdropping in real time, ensuring secure communication. This technology is particularly beneficial for securing communication between telecom providers and banks and encrypting mobile transaction data.

   • Leading providers: ID Quantique and Toshiba Quantum Technology

3. Quantum Random Number Generators (QRNGs)

   Unlike traditional pseudo-random generators, QRNGs generate truly random numbers, strengthening tokenization, generating unique CVVs, and securing transaction data.

   • Leading providers: QuintessenceLabs

Evaluating the Best Security Options

The table below assesses the effectiveness of the three key quantum security technologies across various financial instruments and transaction channels.

Best Solutions:

• Credit Cards: QKD for real-time transaction security
• Debit Cards: PQC for robust data protection
• Bank Accounts: QKD and PQC for comprehensive security 

Tech Mahindra: Exploring the Quantum Realm

Tech Mahindra has been actively involved in quantum computing and security and has incubated this technology across various industries since its inception. By investing in research and development, it is pioneering applications in fields ranging from drug discovery to secure communications:

1. Quantum GANs for Drug Discovery: Tech Mahindra developed small molecules for drug development using Quantum GANs (quantum machine learning), putting the company in the top five at the globally reputed QETCI Hackathon.
2. Quantum-Secured Video Messaging: QuintessenceLabs, Tech Mahindra, and BT collaborated to develop an end-to-end video messaging solution secured by QKD as part of the UK's first quantum-secured ultra-fast network, UKQNtel.
3. Post-Quantum Cryptography: Tech Mahindra is advancing quantum security through post-quantum cryptography, developing algorithms to future-proof security systems against quantum threats.

Strategic Alliances

To accelerate the development and commercialization of quantum solutions, we have established strategic partnerships with leading companies across the quantum ecosystem:

1. Infrastructure Providers: IBM Quantum, AWS, IQM, etc.
2. Startups: QNu Labs, Cogniframe, Multiverse Computing, and BosonQPsi
3. Governments: C-DAC of Ministry of Electronics and Information Technology and IIT Madras
4. Academia: Mahindra University and Aalto University

These alliances foster a collaborative ecosystem to advance quantum use cases.

Real-World Examples of Quantum Security

As industries worldwide tap into the far-reaching potential of quantum computing, several organizations have already started leveraging its applications to bolster security:

1. CCB Finance, a subsidiary of China Construction Bank, partnered with quantum computing startup Origin Quantum to establish a financial laboratory and launch a quantum finance app for mobile phones in 2023.
2. BBVA, a Spanish financial services company, collaborated with VASS and AWS in May 2024 to utilize distributed quantum simulations for enhanced communication security, fraud detection, and risk analysis.
3. HSBC piloted quantum-secure tech in September 2024 to protect its tokenized gold transactions, using PQC and Quantum Origin randomness to ensure digital asset interoperability and counter future quantum threats.
4. JPMorgan Chase implemented a quantum-secured, crypto-agile network (Q-CAN) using QKD to create a quantum-safe communication system in May 2024, securing high-speed virtual private networks.

Conclusion

As cyber threats evolve, quantum technologies, such as QKD, PQC, and QRNGs, feature the right tools to counter attacks and safeguard sensitive customer data.         
By embracing these advanced encryption solutions, organizations can protect customer information, mitigate risks, and prepare for the quantum-driven challenges of the future. Implementing quantum-safe technologies is not just a precautionary measure but a crucial step towards safeguarding the foundational asset of modern digital finance—our phone numbers. Only then can we bring a safer, fraud-free future for digital finance from the horizon within our tangible reach.