You’ve probably been hearing about quantum computing for years. I remember discussing it with other students back when I was studying software engineering. And now, we’re closer to that reality than ever before.
Most organizations see quantum computing as a future problem, or don’t really know what it is. They hear the term “post-quantum cryptography”, or PQC, and it sounds like something out of a science fiction novel.
So what are quantum computers?
Quantum computers are a new type of computing technology that can solve certain complex problems exponentially faster than classical computers. That shouldn’t be too surprising — technology keeps advancing, and today, our mobile devices are far more powerful than machines we had just ten years ago.
The difference here is not just speed. It is a fundamentally different way of computing that, combined with new algorithms, make previously impractical problems solvable.
One of those impractical problems is breaking the cryptographic algorithms that protect today’s data, e.g., the encryption used to secure B2B transactions, financial exchanges, and sensitive communications. While this is not yet possible at scale today, sufficiently powerful quantum computers are expected to make this a reality.
For organizations running large B2B ecosystems, the immediate concern is how transactions, sensitive data, and partner relationships stay protected over time.
The risk is not that everything breaks overnight. It’s that the exposure is already happening. Data that is encrypted today can already be intercepted and stored. Even if it is secure now, it could be decrypted in the future once quantum technology becomes powerful enough.
Why post-quantum cryptography in B2B is harder than it sounds
That’s the challenge, but there is also good news. New, quantum-resistant encryption mechanisms are already being developed and standardized. NIST has already finalized the core post-quantum cryptography standards and continues to evaluate additional backup algorithms. In other words, the industry is not waiting. The next generation of security is already taking shape.
The question then becomes how to adopt such PQC standards in a real-world B2B environment. In theory, upgrading encryption sounds straightforward. In practice, for B2B, it is much more complex.
Companies exchange data with hundreds, sometimes thousands, of partners, where every connection is essential to 24/7 operations. You don’t just “upgrade security” – you have to align across an entire ecosystem.
See also: Quantum computing could break MFT encryption, and what Axway is doing to prevent that
Take a typical B2B environment comprised of different protocols such as AS2, AS4, SFTP, and APIs, with partners operating at different levels of maturity. Some can quickly adopt new cryptographic standards, while others rely on legacy systems that haven’t changed in years.
In B2B, a certificate change, a new key exchange algorithm, or a shift in supported cipher suites can break connectivity with partners. AS2 and AS4 partner profiles, TLS handshakes, and SFTP configurations require shared cryptographic parameters, so if one party upgrades but the other can’t support the new algorithm, then the connection fails. And downtime is simply not an option: orders stop, invoices don’t go through, supply chains get impacted. Moving to post-quantum cryptography is not a simple switch. You cannot upgrade everything at once or force all partners to move at the same time, and you cannot afford the disruption of failed transactions.
So the question becomes very practical: how do you evolve your security requirements while keeping your entire partner ecosystem running?
A pragmatic way forward: crypto-agility
To reduce business impact and maintain real-time operations, post-quantum security should be adopted methodically, with new encryption mechanisms introduced across the B2B stack as standards evolve.
This is where “crypto-agility” becomes critical, supported by a hybrid approach where classical and quantum-resistant encryption need to coexist. This allows partners to move at different speeds without breaking existing connections. Existing integrations and business flows can continue to run, while the security model evolves behind the scenes.
The difference between a theoretical approach and a real-world one is reflected in B2B operations where security has to accommodate production workflows, not disrupt them. Getting ready for the quantum era is not about switching everything all at once. It is about evolving the ability to support new standards over time, without disruption.
Putting post-quantum cryptography into practice
This is exactly the approach modern B2B platforms need to support.
At Axway, this is the path we are taking with the B2B integration solution. The Axway B2Bi roadmap introduces post-quantum cryptography progressively, starting at the transport layer and extending to full message-level security over time. This phased approach enables organizations to strengthen their security one step at a time. Becoming crypto-agile may involve some backend system changes, but it doesn’t require a full redesign of the existing integration landscape.
| Phase 1: Transport Core 🎯 | Phase 2: Transport Expansion 🖱️ | Phase 3: Message Security 📈 | Phase 4: Full Coverage 🖥️ |
|
|
| Remaining message-level protocols |
Features and benefits include:
| Features and benefits include:
| Features and benefits include:
| Features and benefits include:
|
It begins at the transport level, where secure connections between systems are established, such as TLS for HTTPS or key exchange for SFTP. This creates the foundation for quantum-safe encryption, allowing organizations to introduce PQC capabilities without impacting existing integrations or partner connectivity. From there, security expands across additional protocols and infrastructure components, gradually extending protection across the B2B network.
The next step moves deeper into the message layer, where the actual business data is protected. This includes encrypting and signing B2B messages end to end, ensuring data integrity and confidentiality even when transactions pass through multiple intermediaries.
Finally, the goal is full coverage, where all connections, protocols, and message types are protected using quantum-resistant cryptography. At the same time, organizations can continue to operate in hybrid mode, combining classical and post-quantum encryption as needed to maintain interoperability with partners.
The B2Bi roadmap reflects a practical approach to post-quantum readiness. It progresses from securing how systems connect to securing what they exchange, while keeping B2B operations running without disruption.
If you’re starting to think about how to get ready for the new security landscape in B2B, feel free to connect with our experts.