PostQuantum.com. Link to the post: https://postquantum.com/post-quantum/cryptography-cbom-mobile-banking/

Summary

This piece lifts the lid on the cryptographic iceberg behind a mobile banking payment. In roughly half a second, before you even type an amount, a typical device fires about 320 cryptographic function calls, spanning 20 distinct processes, 15 libraries, 31 objects, and 90 unique functions. End to end, a single payment touches nine parties and drives millions of cryptographic operations from silicon to settlement.

For quantum security, the message is clear. The volume and heterogeneity of calls across devices, apps, OS layers, trust stores, networks, and back-end systems make post-quantum migration an ecosystem problem. Hidden dependencies, protocol handshakes, certificates, and HSM integrations mean discovery and coordination will be as critical as the choice of algorithms.

CISOs should prioritize a living crypto inventory, enforce algorithm agility in SDKs and services, and pressure-test PQC and hybrid modes for latency, message size, and throughput across mobile and payment rails. Align with NIST PQC, coordinate upgrades with vendors and partners across all nine parties, and stage rollouts with robust observability. Quantum readiness is not a flip of a switch but a synchronized upgrade of a very busy cryptographic supply chain.
