4 min read
Cryptomathic is excited to announce the introduction of its most advanced and efficient device binding protocols based on PQC Algorithm. This is a hallmark for Cryptomathic and showcases our continued investment as a pioneer in Cryptography and the future of the secure digital world.
With its Mobile Application Security Core (MASC), Cryptomathic introduces PQC Device Binding (v3): a modern device binding approach designed to improve assurance today while helping organisations build crypto-agile mobile security architectures for the future. For banks, wallet providers, insurers, and other security-sensitive organisations, this means a practical path to reducing account takeover and replay fraud, lowering operational overhead from manual reviews and remediation, and preparing mobile channels for the next generation of cryptographic requirements.
Mobile applications are now central to critical journeys in banking, payments, and digital services, making device trust a core business requirement. The finalization of NIST's post-quantum cryptography standards in August 2024 (including ML-KEM, ML-DSA, and SLH-DSA) has given organizations a clearer path for migration, while growing concerns around harvest-now-decrypt-later attacks are driving demand for crypto agility. For mobile applications, a strong Device Binding protocol is a key area (and an easy win in the PQC journey) where this transition delivers immediate value in the form of unique app instances, tamper-resistant cryptographic blueprint for the mobile applications and relevant threat signals that allow for monitoring and threat remediation.
Why Device Binding Needs To Evolve
In organisations where mobile application security is a priority, device binding is already a familiar concept. It is a protocol that helps ensure an endpoint, in this case a mobile application installed on a phone, is cryptographically associated with that device and can present a trustworthy claim of origin to back-end services. This matters because high-value digital interactions increasingly depend on confidence in both the user and the device.
Traditional device binding approaches often rely on RSA or ECC-based mechanisms. These have served the market well, but they are part of the broader classical cryptography landscape now being assessed against future quantum risk. That does not mean every mobile security control needs immediate replacement. It does mean organisations should start identifying high-value trust anchors and long-lived cryptographic dependencies where early migration can reduce risk and future operational burden.
PQC Device Binding addresses that challenge by introducing a stronger and more durable foundation for proving device origin. It is designed so that the device’s cryptographic blueprint remains non-exportable and more resistant to cloning and replay, while supporting long-term assurance based on post-quantum algorithms.
The diagram below highlights, at a high level, the flow of the PQC Device Binding protocol and selected MASC Assurance Service functions.
Image 1: Standard application to back-end request flow, with MASC (subset of features) running underneath.
In a previous article, we covered how your organization can make the move to CrytoAgility by mapping out Cryptographic use in the form of building a Cryptographic Bill of Materials (CBOM), it highlights the regulatory requirement around providing a evidence of control over Crypto assets and developing a SW-development framework centering Crypto Agility. Here we highlight the importance of transitioning to a PQC Device Binding protocol over traditional RSA/ECC algorithms.
1) Future Proof Trust Anchor & Reduce Rotation Protocols
Some banks use RSA based bind protocols, this is going to require radically large key sizes in order to be operational. The better alternative is ECC keys but those will be the target of quantum threats, which is particularly relevant to banking and payment confidentiality and audit trails.
If your device/app binding relies on classical asymmetric keys, and you keep long-lived binding records (registration attestations, device certificates, transaction authorizations), PQC helps ensure those proofs remain verifiable and trustworthy over the long term. The PQC Device Binding ensures that long-lived assurance doesn’t degrade under quantum threats or require frequent rotation.
2) Higher Assurance Enrollment On All Devices
PQC Device Binding is one of the critical path to High Assurance device enrollment and attestation functions even on devices which do not have TEE/SE present on the device. Your mobile applications do not rely on HW based keystore for proving high assurance secret on the device.
3) Regulatory & Ecosystem Readiness With Fewer “Panic Migrations” Later
NIST has provided the following timeline for the migration to the PQC algorithms. NIS Cooperation Group (June 2025):
-
By end of 2026: National PQC strategies and pilots.
-
By end of 2030: Transition completed for highrisk systems.
-
By 2035: Broad adoption across all sectors.
“Ensure the quantum threat becomes a part of risk management … establish mature cryptographic asset management to facilitate transition to PQC and improve cryptographic agility.”
ECCG’s Agreed Cryptographic Mechanisms v2 includes PQC algorithms (May 2025):
-
MLKEM (Kyber), MLDSA (Dilithium), SLHDSA (SPHINCS+), FrodoKEM.
-
Guidance: Hybrid crypto and upgrade readiness recommended for EUCC certification
It is visible from the timeline that by 2028 organizations need to complete their discovery and gaps in the form of requirements to suppliers. As we see more and more organizations stepping into the PQC realm, there are a few quick wins that are around the corner in the form of PQC Device Binding. This move will allow organizations to innovate quickly and add strong algorithms at one of the critical application paths.
Why This Matters Commercially Now
For many organisations, the case for PQC can still seem distant because the threat horizon is discussed in strategic terms. Device binding changes that conversation because it turns PQC into a practical business control.
A stronger device trust model can help reduce account takeover and replay fraud because a successful attacker may need both credentials or tokens and access to the device-bound cryptographic material that MASC protects. That can translate into fewer fraud losses, fewer manual investigations, fewer reimbursement cases, and less operational handling overall.
It also creates a stronger foundation for passwordless and possession-based flows, including architectures that may sit alongside passkeys and WebAuthn journeys. In that sense, PQC Device Binding is not only a defensive control. It is also an enabler for more modern digital service design.
Most importantly, MASC PQC Device Binding has shown performance advantages in Cryptomathic testing, with results indicating more than 50% higher efficiency than traditional ECC-based device binding in the tested scenario. That can support higher transaction throughput and a more efficient mobile security layer across the ecosystem.
Conclusion
MASC PQC Device Binding is a practical security primitive that organisations can use now to modernise mobile trust without re-architecting their application stack. It strengthens proof of device origin, improves resistance to cloning and replay, and helps establish a more durable cryptographic trust anchor for mobile applications.
For regulated and security-sensitive organisations, the value is broader than cryptographic modernisation alone. It can help reduce fraud exposure, lower operational burden, support stronger enrolment across a wider device population, and prepare mobile channels for a world in which crypto agility is no longer optional.
In other words, PQC Device Binding is not only about readiness for a post-quantum future. It is about improving assurance and business resilience on one of the most important digital trust paths today.