If you have enough computing power and time (and happen to be an evil person), you could break through the security of any digital payment. But perhaps the days of cyber thieves are numbered. In a new paper published in Nature Communications, researchers from the University of Vienna demonstrate how to make digital payments secure—with quantum mechanics.
In a normal digital payment, interactions between customers, merchants, and payment providers (like Venmo) are protected by a randomly generated code that’s used to scramble up the message. This code—or “cryptogram,” as the researchers call it—ensures the uniqueness of the payment. If you intercept the message, what you get is useless, unless you know the code, or criminally break through it. Doing so means being able to make purchases using someone else’s financial information. But encrypting digital payments using quantum entanglement makes that virtually impossible.
In their paper, the University of Vienna researchers show how quantum light could be used to create “unforgeable” codes. Using quantum states to encrypt digital payments isn’t a new idea, but the researchers have devised and demonstrated a protocol that could be used in a real-world setting between a bank, a buyer, and a vendor (once internet networks have been upgraded to handle quantum transactions and the required hardware for the quantum internet is installed). It’s an improvement over the previous protocols because it requires only one safe channel (bank-buyer) while the other two (buyer-vendor, vendor-bank) have an unknown trustworthiness.
It’s like a seal on an envelope basically, just with quantum physics.
The buyer and the bank must exchange some initial information that links them together. “During a payment,” the researchers write, “the bank sends a set of quantum states to the [buyer’s] device (e.g., phone, computer, etc.), which measures them and transforms them into a quantum-secured payment token,” or a cryptogram. If the buyer then wants to make a purchase, they send information to the vendor, who checks whether the buyer’s information agrees with that from the bank. If it doesn’t, the purchase doesn’t take place.
For their experiment, the researchers sent entangled photons, which facilitate a secure transaction, through standard optical fibers and used superconducting nanowires to detect them. Quantum cryptography relies on the idea that if you make a measurement on a quantum state, that’ll irreversibly change the state. This means you can tell when someone has looked at your message. It’s like a seal on an envelope basically, but with quantum physics. Just because a hacker has looked at your message, doesn’t mean they can decipher it, but knowing that someone is attempting to bypass your security is still valuable information. “Quantum technology,” the researchers write, “comes with the potential to protect even against infinite computational power.”
There are some challenges to using quantum cryptography in real-world applications. One is that it requires maintaining quantum entanglement—a correlation between the behavior of particles prepared in a particular way—over large distances and long time periods, and measuring single photons, tasks which the current internet infrastructure isn’t up to. Another one is that while you can tell that someone intercepted a message if it’s quantum encrypted, that doesn’t stop people from intercepting it. Think of the sealed envelope: Of course you can look at it if you don’t care that the owner knows someone attempted to read it.
Unfortunately, while current digital payment methods take just a few seconds, the new quantum method took “a few tens of minutes,” as the researchers write. They say that the time can probably be cut down with technological improvements: “It is practical with near-term technology and may herald an era of quantum-enabled security.”
Then again, maybe waiting “a few tens of minutes” before buying that thing I just clicked on wouldn’t be such a bad idea.
This post is adapted from Sabine Hossenfelder’s “Science Without the Gobbledygook,” on Patreon.
Lead image: Sasin Paraksa / Shutterstock