Whalesbook
Preparing for Quantum Computing Threats
The finance ministry's directive for public sector banks (PSBs) to explore quantum-resistant encryption is critical for India's financial sector. It pushes banks to prepare for a future where quantum computing could break today's strongest encryption quickly. Experts project "Q-Day," the point at which quantum computers can break current cryptography, to arrive as early as 2029, with broader consensus pointing to the mid-2030s.
State Bank of India, the nation's largest lender with a market capitalization nearing ₹1 trillion, is already collaborating with IIT Jodhpur on tackling phishing apps. Punjab National Bank is focusing on "Quantum-Proof Systems for Public-Facing Applications," while UCO Bank is developing audio forensics to combat voice cloning fraud. These individual efforts are amplified by national initiatives like India's National Quantum Mission, which has a ₹6,003.65 crore outlay and aims to establish a 2,000-km quantum communication network by 2030-31. The mission has already demonstrated a 1,000-km secure communication network, showcasing indigenous technological advancements.
Global Race and India's National Quantum Mission
India is not alone in this push for quantum readiness. Major global financial firms, including JPMorgan Chase, Goldman Sachs, Barclays, HSBC, and Mastercard, are testing quantum-safe encryption methods. This global race highlights the importance of post-quantum cryptography (PQC) for protecting sensitive data and transactions. Regulators in the US, Europe, and the G7 are also urging banks to enhance computing infrastructure security, targeting critical systems by 2030.
Indian PSBs are entering this domain with varying financial profiles. SBI, with a P/E ratio around 11-12 and a market cap of approximately ₹1 trillion, appears to be valued moderately. PNB trades at a lower P/E of around 7-8, reflecting a market capitalization of roughly ₹131,000 crore. UCO Bank, with a market cap of about ₹33,500 crore, has a P/E ratio around 12-13, indicating a similar valuation to SBI but on a smaller scale. The broader Indian BFSI sector, however, is robust, with market capitalization reaching ₹108 trillion in 2026 and earnings growth projected at 16-17% for FY27-28. The sector's cybersecurity spending has seen significant growth, reaching $1,738 million in 2023 from $518 million in 2019.
Hurdles: Legacy Systems and High Costs
The mandate to explore quantum-resistant encryption presents significant operational and financial hurdles for PSBs. Cybersecurity experts note that replacing encryption, which is embedded in systems like apps, payment networks, ATMs, cloud infrastructure, and data centers, is a complex, multi-year task. Estimates suggest India's banking sector may need to invest up to ₹2,000 crore over the next five to seven years to achieve quantum readiness. This represents a substantial capital expenditure for institutions whose profitability metrics, such as ROE, are generally lower than those of many private sector peers, with UCO Bank's ROE at approximately 8-9%.
The "harvest now, decrypt later" strategy, where attackers collect encrypted data for future decryption by quantum computers, adds a retroactive threat. Despite NQM progress, the scale and embedded nature of legacy systems in PSBs pose a major challenge, potentially exposing them to immediate risks before quantum-proofing is complete. The gap between current capabilities and future needs is vast. The migration process could strain resources needed for ongoing digital transformation and existing cybersecurity threats, which remain critical.
A Costly but Essential Transition
The mandate for quantum-resistant encryption is a strategic necessity, not an immediate solution. The global financial system is undergoing a major cryptographic transition, driven by regulations and the mathematical certainty that quantum computers will eventually break current encryption. While the exact timeline for 'Q-Day' is debated by experts, the urgency for proactive planning and migration is clear. Financial institutions, including PSBs, must balance the costs and complexity of this transition against the threat posed by quantum computing. The path forward involves a phased adoption, strategic prioritization of critical systems, and close collaboration between public and private sectors to ensure a resilient and secure financial infrastructure for the quantum era.