Beyond the Algorithm: How CyberAId Is Exploring Quantum Token-Based Authentication for Financial Transactions

Abstract: As quantum computing advances, the cryptographic mechanisms used to authenticate financial transactions are expected to face increasing pressure in the coming years. Within CyberAId, QUBO Technology is exploring how quantum token-based authentication can provide an additional verification layer for high-value financial transactions, beginning with a simulation for an asset management partner and with a pilot deployment planned for a later stage of the project. In parallel, the project is analysing the potential applicability of post-quantum cryptography (PQC) within CyberAId, while investigating how quantum token-based authentication may complement future PQC-based infrastructures.

Keywords: Quantum Token-Based Authentication, Post-Quantum Cryptography, Financial Cybersecurity, Digital Payments, Cyber Resilience.

Modern financial systems depend on trusted mechanisms that ensure payment instructions and settlement messages are authentic and have not been altered in transit. These guarantees are achieved through a combination of cryptographic technologies, including digital signatures, secure communication protocols, and authentication infrastructures. Today, asymmetric cryptographic algorithms such as RSA and elliptic-curve cryptography (ECC) play an important role in authentication and secure communications across the global financial sector, from payment networks to interbank settlement systems.

That foundation is now facing a long-term technological challenge. Quantum computing, once largely theoretical, is progressing toward capabilities that could eventually undermine the computational assumptions behind widely used public-key cryptography. Shor’s algorithm, first described in 1994, demonstrated theoretically that a sufficiently powerful quantum computer could efficiently solve the mathematical problems underlying RSA and ECC. While such quantum computers do not yet exist at the required scale, governments, regulators, and standards organisations have already begun preparing for a future transition toward quantum-resistant security mechanisms.

One major step in this transition has been the development of post-quantum cryptography (PQC), a new generation of cryptographic algorithms designed to resist attacks from future quantum computers. The U.S. National Institute of Standards and Technology (NIST) has already finalised its first PQC standards, while European initiatives are also developing migration roadmaps for critical infrastructures, including the financial sector.

Within CyberAId, QUBO Technology is contributing to this migration effort by analysing different PQC approaches and exploring how they could be applied within the project’s security architecture and consortium use cases. This analytical work provides the broader security baseline against which quantum token-based authentication is then explored as a complementary, transaction-level verification layer. At the same time, CyberAId is also exploring whether additional security layers could further strengthen the protection of high-value financial workflows. For particularly sensitive transactions, complementary authentication mechanisms may provide additional resilience by reducing dependence on a single technological approach.

This is the context in which quantum token-based authentication becomes relevant. In 2023, researchers at the University of Vienna demonstrated a protocol for quantum-digital payments in which the authenticity of a transaction is linked to the quantum-mechanical properties of single photons (Schiansky et al., Nature Communications, 2023). In this protocol, photons prepared in specific quantum states are used to generate transaction-linked cryptographic tokens associated with information such as the transaction amount, counterparty, or timestamp. Because quantum states cannot be copied, the protocol introduces security properties derived from fundamental principles of quantum physics, including the no-cloning theorem the quantum-physical principle that an unknown quantum state cannot be perfectly copied which makes such tokens inherently resistant to interception and replay attacks.

Within the CyberAId project, QUBO Technology, a spin-off of the University of Vienna, is investigating how this quantum token-based authentication concept could be integrated as an additional verification mechanism within real financial workflows. The project initially focuses on a structured use-case analysis in collaboration with an asset management partner within the consortium, concentrating on the authentication of payment instructions and settlement-related messages.

The objective is not to replace PQC, but to explore how quantum token-based authentication can complement future PQC-based infrastructures by introducing an additional layer of transaction verification. As part of this work, CyberAId will evaluate how such mechanisms can be integrated into existing transaction environments through simulation activities, with a pilot planned for a later stage of the project. Additional use cases involving further consortium partners are also being analysed.

The approach is deliberately complementary rather than competitive. PQC addresses the challenge of securing cryptographic systems against future quantum attacks, while quantum token-based authentication explores how quantum-mechanical properties could contribute to transaction-level verification. Together, these approaches may help strengthen cyber resilience across different layers of financial infrastructures.

This layered perspective aligns closely with the broader CyberAId vision of combining multiple cybersecurity technologies — including AI-driven threat detection, privacy-preserving technologies, and advanced cryptographic approaches — into an integrated framework for financial-sector cyber resilience.

The transition toward quantum-ready financial infrastructures is already beginning. Migration planning, regulatory discussions, and technology evaluations are accelerating across the financial sector. Through CyberAId, QUBO Technology and its consortium partners are contributing to this transition by exploring how both post-quantum cryptography and quantum-enhanced authentication mechanisms could support the next generation of secure financial systems.

QUBO Technology GmbH is a partner in the CyberAId project (Grant Agreement No. 101249596), funded by the European Cybersecurity Competence Centre.

Reference: P. Schiansky et al., “Demonstration of quantum-digital payments,” Nature Communications 14, 3849 (2023), https://www.nature.com/articles/s41467-023-39519-w

view related Posts

19

May

Category : Blog

Visibility at Scale: How Graph Analytics and eBPF Power Real-Time Fraud Monitoring
read more
13

May

Category : Blog

AI exploration into Penetration Testing: From Defensive Detection to Offensive Capabilities
read more
22

Apr

Category : Blog

Security Without Exposure: Scaling Privacy- Preserving Federated Learning in Finance
read more

Pilots

Tiered Client Impersonation Detection for Private Banking and Trading Systems

Advanced Anti-Money Laundering Detection for Payment Service Providers

AI-Enhanced Anomaly Detection and Incident Response for Banking Cybersecurity

Cyber-Resilient AI-Powered Threat Detection and Risk Modelling for High-Frequency Trading

Beyond the Algorithm: How CyberAId Is Exploring Quantum Token-Based Authentication for Financial Transactions

view related Posts

Visibility at Scale: How Graph Analytics and eBPF Power Real-Time Fraud Monitoring

AI exploration into Penetration Testing: From Defensive Detection to Offensive Capabilities

Security Without Exposure: Scaling Privacy- Preserving Federated Learning in Finance

Subscribe to our Newsletter

Contact Us