SAVYINT YEAR-END PARTY 2025 | RE:IMAGINE – REDEFINING DIGITAL TRUST FOR THE GLOBAL STAGE
Closing 2025 with pride and opening a new chapter of aspiration, Savyint gathered for its year-end party under the theme “RE:IMAGINE.” More than a celebration, this event served as a strategic milestone, declaring a bold vision to conquer the APAC and MENA markets in 2026. A Global Vision with Strong Roots With its office located in Australia, Savyint serves as a beacon of technological excellence, seamlessly connecting world-class R&D with practical, high-scale deployment. With a core team comprising top Australian and Vietnamese talent, Savyint operates a dual R&D structure in Sydney and Vietnam, supported by a robust service center in Vietnam and business centers strategically located across Hanoi, HCMC, Singapore, the Philippines, Dubai, Sydney, and the EU. The “REIMAGINE” theme signifies a major strategic pivot. It is a commitment to breaking familiar boundaries and creating distinctive value on a global scale. As Executive Chairman Steve Huang emphasised during the opening speech, amidst a rapid global digital transformation, Savyint is steadfast in mastering core technologies to meet the most stringent international standards. The 2026 Strategy focuses on Advanced Technology and Zero Trust Moving into 2026, Savyint is restructuring its strategic focus to deepen its expertise in cutting-edge domains. The group is well-positioned to take the lead in the following areas: At the heart of this strategy is the Zero Trust Framework. Savyint positions itself as a pillar of digital trust, ensuring absolute safety in payment transactions and cryptocurrency dealings, while providing a total fraud prevention mechanism. Compliance: The Competitive Edge Savyint distinguishes itself not just by technology but by rigorous adherence to global and local compliance standards. Savyint’s solutions are engineered to comply with a comprehensive matrix of regulations: This dedication ensures that Savyint acts as a secure bridge for enterprises as they navigate the complicated regulatory landscapes of APAC and MENA. Highlighting this success, SAM Enterprise Appliance was honoured as the “Product of the Year”. Already successfully deployed in major financial institutions like Agribank, BIDV, Sacombank, and Bac A Bank, this solution recently won at APICTA 2025 (the “Oscars” of Asia-Pacific ICT), affirming Savyint’s ability to compete on the international stage. Reaching the Open Seas The Year End Party 2025 concluded not just with festivities but with a unified spirit of determination. The Savyint team’s energy – from the R&D engineers to the business units – reflected a readiness to step into the “Open Seas”. With a redefined strategy, a footprint stretching from Sydney to Dubai, and a portfolio of certified, high-security solutions, Savyint Group is ready to dominate the competitive landscape of 2026, delivering uncompromised Digital Trust to the world. Highlights at the event:
Strengthening Authentication and Security in the Financial and Banking Sector in Southeast Asia
Alongside the rapid growth of the financial and banking sector, regulatory frameworks across many Southeast Asian countries have been continuously updated and refined to enhance safety and security in financial operations. In Vietnam, Singapore, the Philippines, and Malaysia, newly issued regulations go beyond technical compliance requirements and increasingly focus on protecting users and strengthening trust in digital financial systems. Safeguarding digital identities, personal data, and financial transactions is now widely recognized as a prerequisite for the sustainable development of the electronic financial ecosystem. In response to these increasingly stringent requirements, financial institutions are compelled to comprehensively upgrade their authentication capabilities, security controls, and risk-management frameworks to a higher level. Security Requirements for Open API Implementation The rapid expansion of digital banking, e-wallets, Open Banking, and fintech partnership models has made fraud, cyberattacks, and data leakage common challenges across the region. Establishing strict security requirements for Open API implementation has therefore become a critical prerequisite for protecting financial systems and maintaining customer trust. In Singapore, as early as 2016, the Monetary Authority of Singapore (MAS) issued Open Banking and API guidelines requiring financial institutions to implement strong authentication mechanisms, customer consent management, identity and access control, and strict authorization when sharing data with partners. From an early stage, Singapore mandated standards such as secure API gateways, OAuth/OIDC-based security, multi-factor authentication (MFA), and contextual access monitoring as foundational requirements for sustaining trust within the open financial ecosystem. In 2021, the Philippines introduced the Open Finance Framework, which defines a phased roadmap for data sharing with clearly articulated technical, governance, and security standards aimed at building an open financial ecosystem. One year later, in 2022, Bank Negara Malaysia (BNM) launched the Open API Framework, providing clear guidance on how banks and third-party fintech providers can securely share data. The framework emphasizes strict security controls, customer-consent-based access management, and technical reference guidelines to promote innovation and fair competition within the digital financial ecosystem. In Vietnam, Circular 64/2024/TT-NHNN regulates the implementation of Open Application Programming Interfaces (Open APIs) in the banking sector, allowing credit institutions to connect and collaborate with third parties to deliver new financial services. However, ecosystem expansion must be accompanied by stringent requirements for authentication, access control, data protection, and customer consent management. The Circular also defines a clear roadmap for banks that have already deployed Open APIs, ensuring a controlled and secure transition process. Data Protection and Financial Fraud Prevention Requirements Singapore and the Philippines have long established comprehensive legal frameworks to protect customer data. Singapore is a regional pioneer in data-protection and digital-banking regulation. The Personal Data Protection Act (PDPA), enacted in 2012 and amended in 2020, provides detailed rules governing the collection, use, and storage of personal data, and requires organizations to notify authorities in the event of data breaches. In the banking sector, the Technology Risk Management Guidelines issued by MAS mandate multi-factor authentication (MFA), the use of OTPs or biometrics, and enhanced monitoring of high-risk transactions. The Philippines adopted the Data Privacy Act in 2012, one of the earliest such frameworks in the region, granting users the right to access, correct, and delete personal data. Compliance is overseen by the National Privacy Commission (NPC). In banking, the Bangko Sentral ng Pilipinas (BSP) mandates MFA for electronic payment services, the implementation of eKYC, and device and transaction risk management. Most recently, BSP Circulars 1213 and 1214 were issued in response to rising financial account fraud, to enforce the Anti-Financial Account Scamming Act (AFASA). These regulations emphasize enhanced technology risk management, the adoption of modern authentication methods, and the establishment of coordinated investigation and information-sharing mechanisms between banks and law-enforcement authorities. Specifically: In Vietnam, the Personal Data Protection Decrees (2023), together with the Cybersecurity Law (2018), impose strict requirements on customer consent, impact assessments for sensitive data, and data localization. More recently, Circular 50/2024/TT-NHNN establishes security requirements for online banking services, mandating that credit institutions and foreign bank branches implement customer-protection guidelines (PINs, OTPs, fraud awareness), encryption, access monitoring, and incident reporting to ensure confidentiality, integrity, and availability while protecting customer rights. Overall, regulatory priorities in Singapore, Vietnam, the Philippines, and Malaysia converge around the adoption of advanced security measures to protect customers from technological risks, online fraud, and cyberattacks, alongside clearly defined Open API implementation roadmaps. Strengthening Authentication and Security with Savyint’s Comprehensive Solutions In response to increasingly stringent compliance requirements, Savyint delivers a comprehensive security ecosystem that enables banks and financial institutions to effectively comply with Circulars 64 and 50, as well as BSP Circulars 1213 and 1214, while strengthening long-term security capabilities and risk governance. Savyint’s solution portfolio is built around four core pillars: Secure Payments, Open Banking, Data Protection, and Digital Trust. Under the Secure Payments pillar, Savyint deploys strong customer authentication (SCA), multi-factor authentication (MFA), Smart OTP, passkeys, FIDO2, biometrics, 3D Secure, tokenization, and fraud-management capabilities such as risk scoring and real-time monitoring. This security layer directly protects card payments, e-wallets, online transfers, and e-commerce transactions, reducing fraud risks for customers, financial institutions, and merchants while safeguarding wallet and card data. To support controlled Open API connectivity under Circular 64 and Open Banking standards, Savyint provides a full Open Banking solution suite, including API Management, Open Banking Portal, Consent Management, CIAM/SCA-PSD2, TPP Management, and Tokenization. These solutions enable banks to securely deploy Open APIs with strict access control, robust customer consent management, and purpose-limited data sharing in line with security and compliance requirements. For transaction and data protection, Savyint secures information throughout its lifecycle with solutions such as Sam Appliance, Sam Auth Server, Savyint PKI-in-a-Box, Enterprise Security Appliance, KMS, and DSS. Notably, Sam Appliance is an all-in-one platform for data encryption, digital signatures, and mobile identity, featuring a FIPS 140-2 Level 3-certified server appliance integrated with Hardware Security Modules (HSMs), SAM software, key-management systems, and digital-signing software. This flexible security platform supports diverse deployment needs across banking, finance, healthcare, education, telecommunications, broadcasting, and media sectors. Beyond digital signatures for invoices, contracts, documents, certificates, and payment records, Sam Appliance is built on a Cryptographic
AI/ML-Based Banking Transaction Fraud Prevention
As digital transformation accelerates, detecting and preventing banking transaction fraud through advanced technologies such as AI and machine learning (AI/ML) has become a top strategic priority for financial institutions, as cybercrime continues to grow in both scale and sophistication. According to the latest data from the U.S. Federal Trade Commission (FTC), total consumer-reported fraud losses in 2024 reached approximately USD 12.5 billion, representing an increase of nearly 25% compared to 2023. This highlights the rapidly escalating severity of fraudulent activities. Beyond direct financial losses, banks also incur substantial additional costs related to investigations, legal proceedings, incident response, and reputation recovery – often making the actual cost several times higher than the initial monetary loss. More critically, fraud incidents significantly erode customer trust, negatively impacting customer retention and the ability to attract new users. Investing in advanced fraud detection systems and proactive prevention measures is therefore not merely an operational requirement, but a strategic imperative for banks to protect assets and maintain credibility in the digital era. What Is Banking Fraud Prevention? Banking fraud prevention refers to the use of multiple, layered protection methods by banks to detect early signs of fraud, reduce risk exposure, and prevent financial fraud before it causes serious damage. Today, modern fraud prevention strategies no longer focus solely on incident response after fraud has occurred. Instead, they emphasize proactive prevention from the outset. These approaches integrate advanced data analytics, real-time monitoring, and AI-driven risk assessment, enabling banks to stay ahead of increasingly complex financial threats. As fraud types become more sophisticated, fraud detection technologies are more critical than ever to maintaining the security and integrity of banking data and transactions. Using AI/ML to Detect and Prevent Banking Fraud By deploying a flexible and adaptive defense system against financial fraud threats, banks and financial institutions can effectively prevent and minimize the impact of fraudulent activities. At the core of this defense system is the application of advanced data analytics, artificial intelligence, and machine learning to detect fraud patterns in real time and provide early warnings of potential risks. In parallel, banks deploy phishing-resistant Strong Customer Authentication (SCA) and Multi-Factor Authentication (MFA), incorporating FIDO2 security keys, passkeys, transaction signing, device-bound cryptographic keys, and biometric factors. Together, these mechanisms create a flexible, adaptive and resilient defense against financial fraud, ensuring that only authorized users can access accounts and sensitive information. Real-time transaction monitoring serves as a foundational component of financial fraud prevention systems. Beyond supporting compliance with KYC and anti-money laundering requirements, continuous AI/ML-driven monitoring enables large-scale data analysis to identify abnormal behaviors as soon as they occur, thereby mitigating risks before fraud results in actual losses. Periodic risk assessments involve analyzing emerging fraud trends, reviewing vulnerabilities in existing systems, and adjusting prevention strategies accordingly. This allows banks to continuously refine and enhance the effectiveness of fraud detection over time. Beyond detection and assessment, AI/ML enables the prediction of future fraud risks. By learning from past fraud incidents, systems can identify individuals or groups with a higher likelihood of committing fraud, helping organizations allocate preventive resources more precisely and effectively. Strong Customer Authentication and Multi-Factor Authentication enhance the security of user access and transaction approval by moving beyond traditional password-based mechanisms. When implemented with phishing-resistant authentication methods such as FIDO2 security keys, passkeys, transaction signing, device-bound cryptographic keys, and biometrics, SCA/MFA provides a flexible, adaptive, and resilient security layer. This method ensures that only legitimate users can access accounts and authorize transactions, effectively mitigating risks such as phishing, credential theft, account takeover, and financial fraud, while meeting stringent regulatory and security requirements. Alongside technology, customers play an increasingly important role. Proactively raising customer awareness of common scam techniques and providing guidance on safe transaction practices empowers users to protect themselves against fraud and social engineering attacks. Financial fraud prevention is a continuous journey that requires banks and financial institutions to constantly update and adopt new technologies to enhance prevention capabilities and minimize fraud-related losses. Savyint delivers a comprehensive Fraud Prevention and Risk Management solution suite designed to help banks and financial institutions detect fraud early, prevent incidents promptly, and manage fraud risks effectively. Connect with Savyint’s experts today to strengthen your defenses and minimize financial fraud risks. Source:
SAM Appliance Wins Asia-Pacific ICT Award (APICTA) 2025
On December 8, at the announcement and awarding ceremony of the Asia-Pacific ICT Awards (APICTA) 2025, SAVYINT’s SAM Appliance was honored as the Second Runner-up in the category Security Solution – Business Service. APICTA is the most prestigious ICT award in the Asia-Pacific region, held annually since 2001 by the Asia Pacific ICT Alliance. This year, APICTA 2025 took place in Kaohsiung, Taiwan, celebrating and recognizing outstanding software products, IT solutions, digital applications, and innovative startup projects from 17 member countries and economies. SAM Appliance by SAVYINT excellently achieved the Second Runner-up title in the Security Solution – Business Service category. This accomplishment is particularly meaningful as it marks SAVYINT’s first participation in APICTA, demonstrating the innovative capabilities and solution quality of Vietnamese technology enterprises on an international stage. SAM Appliance – An all-in-one solution for data encryption, digital signature authentication and mobile identification SAM Appliance is a solution for all-in-one data encryption, digital signature authentication and mobile identification, ensure compliance with standards for remote digital signature, blockchain, crypto currency, mobile payment, data encryption, transaction encryption, timestamp, security, system authentication, IoT, Car2X… SAM Appliance includes a FIPS 140-2 Level 3–certified Server Appliance combined with Hardware Security Module (HSM) devices, integrated with SAM Software, Key Management Software (KMS), and digital signing software, creating a comprehensive and flexible security platform for any deployment needs and sectors such as Finance and Banking, Healthcare, Education, Telecommunications, Broadcasting, Media,… With its compact design and all-in-one hardware architecture, the solution enables fast installation and operation, optimal performance, unlimited integration with existing information systems, and maximum minimization of security vulnerabilities. It ensures system safety thanks to its independent and specialized operating environment, eliminating reliance on third parties, while significantly reducing investment costs compared to traditional specialized security infrastructures. More than just a platform for signing invoices, contracts, documents, certificates, or payment records, SAM Appliance is built on the Cryptographic Security Platform (CSP). It integrates SCA and MFA authentication, PKI-based passwordless authentication, tokenization, transaction signing with end-to-end encryption, advanced mobile security with Cryptography, and supports Post-Quantum Cryptography (PQC) — ready for the new security era. It also supports data and transaction encryption, blockchain and cryptocurrency integration, mobile payment and digital wallet capabilities, timestamped digital signatures, and long-term electronic archiving for 5, 10, and 20 years. SAM Appliance fully complies with regional technical standards and international legal regulations, including FIPS 140-2 Level 3, ISO 9001:2015, ISO 14001:2015, ISO 27001:2022, GDPR, SOC 2 Type II, HIPAA & PCI DSS. During the event, Brad Palmer, COO & EVP of Savyint, shared: “SAM Appliance is a breakthrough technology solution designed to address the core challenges of security, data encryption, and digital identity in today’s era of rapid digital transformation. We developed SAM Appliance as a unified security platform where any organization or enterprise can deploy digital signatures, strong authentication, and secure data and transaction encryption on a single hardware device that meets the highest international standards.” Being honored at APICTA 2025 is a powerful affirmation of Savyint’s technological capabilities. Along with SAM Appliance, Savyint’s solutions will continue to accompany global organizations and enterprises on their journey toward safe, sustainable, and fully compliant digital transformation. Photos from the event:
Savyint Proudly Sponsors World Financial Innovation Series (WFIS) 2025 Philippines as Bronze Sponsor
Savyint is honored to be a Bronze Sponsor of the World Financial Innovation Series (WFIS) 2025 Philippines, the premier fintech event in the ASEAN region, organized by Tradepass. The event will bring together over 600 leaders and experts from the finance, banking, and insurance sectors, representing more than 200 organizations across the region. The Philippines is at the forefront of the digital financial transformation, with the online lending market projected to reach USD 1.68 billion by 2027 and over 65 million e-wallet users expected by 2025. Additionally, electronic payments account for 52.8% of total retail transactions, reflecting the widespread adoption of digital technologies in financial services. This surge is driven by three key factors: supportive government policies, the rapid rise of fintech, and the growing demand for a comprehensive financial ecosystem. Initiatives led by the Bangko Sentral ng Pilipinas (BSP), such as the Open Finance pilot program and Project Nexus for enhanced cross-border payments, underscore the country’s commitment to fostering financial inclusion and sustainable development. Against this backdrop, WFIS 2025 Philippines, hosted by Tradepass, serves as a pivotal platform, uniting over 600 industry leaders and experts from 200 organizations. Under the theme “Bridging Financial Gaps for a Digitally Smart Philippines,” WFIS 2025 is more than an event—it is a hub for strategic collaboration and discussions on critical topics such as Open Finance, Central Bank Digital Currency (CBDC), and the application of AI and blockchain in financial services. With over 300 active fintech companies and online payments comprising 52.8% of retail transactions, WFIS 2025 is the ideal stage to shape the future of fintech in the Philippines and drive financial innovation. Over the course of two days, WFIS 2025 Philippines will feature a robust lineup of activities, including: As a Bronze Sponsor, Savyint is represented at the event by Mr. Steve Hoang, Chief Technology Officer, and Mr. Brad Palmer, Chief Operating Officer and Executive Vice President. Savyint’s leadership will engage with top regional executives, investors, and strategic partners, sharing insights on secure digital transformation, electronic identity, and building digital trust within the financial ecosystem. Mr. Brad Palmer stated: “WFIS 2025 is a vital platform for Savyint to connect with strategic partners in the region while reaffirming our long-term commitment to delivering advanced security, identity, and digital finance solutions. This event provides an opportunity to showcase our latest technologies, engage with banking and fintech leaders, and contribute to the secure and sustainable growth of the Philippines’ and ASEAN’s financial ecosystems.” With over 20 years of expertise in developing encryption, identity, and authentication solutions, Savyint offers the market’s most comprehensive authentication platforms, fully compliant with BSP Circular No. 1213. The company is dedicated to supporting the Philippines’ financial sector by implementing modern security standards, combating fraud, and fostering digital trust. Images from the event:
SAM Auth Server – Next-Gen Digital Identity & Authentication Compliant with Philippines BSP Circular No. 1213
The Philippines BSP Circular No. 1213 introduces specific changes that will reshape authentication policies across financial institutions in the Philippines, with a one-year compliance window starting June 2025. The pressing question now is how to adapt effectively Bangko Sentral ng Pilipinas (BSP) Circular No. 1213, issued in June 2025, is a regulation mandating stricter, phishing-resistant, device-bound authentication for financial institutions in the Philippines to combat digital fraud. The circular aims to enhance security in digital customer onboarding, transactions, and session management by replacing insecure methods like SMS/email OTPs with stronger tools such as passkeys and biometrics. The requirements apply to all BSP-supervised financial entities, including banks, fintech companies, payment providers, and lending firms, and cover critical areas such as: Financial institutions have one year from June 2025 to fully comply with all the requirements of this Circular. 1. Specific regulations BSP Circular No. 1213 highlights the growing security risks of traditional OTP methods – particularly those delivered via SMS or email—and advises against their use. This stance reflects global recognition that such channels are highly vulnerable to phishing, SIM swap attacks, and other forms of social engineering. Biometric authentication, Behavioral biometrics, Passwordless authentication (biometrics, hardware tokens and cryptographic keys, FIDO), Adaptive authentication, considered perfectly aligned with BSP Circular No. 1213 because they directly address the circular’s core security objectives: preventing phishing, eliminating interceptable authentication, and binding user access to a secure device. Fundamentally, the provisions of BSP Circular No. 1213 adopt a similar approach to those of other countries around the world, as cyberattacks are a global issue. 2. Comprehensive Compliance Solution – SAM Auth Server With over 20 years of experience in developing encryption, identity, and authentication solutions, Savyint offers one of the most comprehensive authentication platforms, fully meeting and even exceeding the requirements of BSP Circular No. 1213. SAM Auth Server is an all-in-one strong authentication solution that enables system authentication, data encryption, transaction encryption, multi-layer authentication, multi-level security, and integration with hardware security devices as well as software functional modules, ensuring maximum safety for electronic transactions. 2.1 Key features of the solution Transaction Authentication Features Access Control Token Types Data Encryption – Transaction Encryption Encrypt data and transactions, ensuring that all information cannot be stolen or tampered with during initiation, storage, and transmission. Integration with AML monitoring systems and Fraud Management Systems (FMS) 2.2 Full compliance with international standards With a flexible design and high scalability, SAM Auth Server can be easily deployed across various system models (on-premise, cloud), supports multiple platforms, and delivers the most advanced authentication methods available today. Contact us now for a consultation HERE!
Embracing the Quantum era with Post-Quantum Cryptography (PQC)
In the near future, quantum computers are expected to become powerful enough to break traditional asymmetric cryptographic algorithms—the backbone of data security for messages, documents, and online transactions. Post-Quantum Cryptography (PQC) is being developed to counter this immense computational power. Post-Quantum Cryptography (PQC), also referred to as Quantum Safe Cryptography (QSC), encompasses encryption algorithms designed to withstand attacks from quantum computers. What is Quantum Computing? Quantum computing leverages principles of quantum physics to solve mathematical problems exponentially faster than classical computers. Tasks that would take today’s most powerful supercomputers years to complete could be reduced to mere days by quantum computers. This unprecedented computational power heralds a new era for applications like artificial intelligence. However, alongside its benefits, quantum computing poses significant security threats. Why Are Quantum Computers a Security Threat? Once sufficiently advanced quantum computers emerge, traditional asymmetric cryptographic algorithms will become vulnerable. For instance, widely used algorithms like RSA and ECC, which rely on mathematically complex problems such as integer factorization and discrete logarithms, are employed globally to secure bank accounts, medical records, and other critical data. However, quantum algorithms like Shor’s algorithm could easily break RSA and ECC. Governments and global tech corporations have acknowledged this threat, issuing warnings to protect critical infrastructure against potential quantum attacks. The U.S. National Security Memorandum of May 2022 states: “A sufficiently large and sophisticated quantum computer capable of breaking cryptography (CRQC) could compromise most public-key cryptographic algorithms used in digital systems across the U.S. and worldwide. A CRQC could endanger civilian and military communications, undermine supervisory and control systems for critical infrastructure, and defeat security protocols for most internet-based financial transactions.” What is Post-Quantum Cryptography (PQC)? To counter quantum attacks, global research efforts are underway to develop stronger algorithms to replace RSA and ECC, capable of resisting attacks from both classical and quantum computers. These algorithms are collectively known as Post-Quantum Cryptography (PQC). Why Act Now? While quantum computers capable of such feats may not yet exist, data collection is already occurring. Sensitive or private data, valuable for years or even decades, is at risk. Hackers may be storing encrypted data now, waiting for future quantum computers to decrypt it—a strategy termed “harvest now, decrypt later.” Additionally, devices like chips have long development cycles, requiring years of security testing and certification before deployment in existing infrastructure. Therefore, transitioning to PQC sooner rather than later is highly advantageous. Global Progress in PQC Development The most significant PQC research is led by the U.S. National Institute of Standards and Technology (NIST). NIST launched a global competition, inviting researchers worldwide to propose, evaluate, and validate new algorithms for resilience. On July 5, 2022, NIST announced the first set of standardized algorithms, including: Key encapsulation mechanism (KEM) CRYSTALS-Kyber and Digital signature algorithms such as CRYSTALS-Dilithium, FALCON, SPHINCS+. In 2022, the U.S. National Security Agency (NSA) released an updated Commercial National Security Algorithm Suite (CNSA 2.0), mandating that national security systems (NSS) fully transition to PQC algorithms by 2033, with some cases required as early as 2030. CNSA 2.0 specifies CRYSTALS-Kyber and CRYSTALS-Dilithium as key quantum-resistant algorithms, alongside hash-based signature algorithms like XMSS (Extended Merkle Signature Scheme) and LMS (Leighton-Micali Signatures). By August 2024, NIST published its first three standardized PQC algorithms to ensure proper implementation: NIST also outlined a roadmap to phase out classical cryptographic algorithms like RSA-2048 and ECC-256 starting in 2030, with complete discontinuation by 2035. How should businesses prepare for the quantum era? To be ready for the transition to post-quantum cryptographic algorithms, the first step for businesses is to review their entire systems and technology infrastructure to identify where RSA and ECC algorithms are currently being used. Next, they should assess the potential impact on speed and performance when switching to more secure Post-Quantum Cryptography (PQC) algorithms. Based on this assessment, businesses can then develop a step-by-step transition plan, while engaging with customers and partners to align on the migration approach and begin the transition. Savyint PQC Lab: Vietnam’s First Post Quantum Crytography Platform for Digital Signatures, PKI, and Data Encryption As an international technology group with extensive expertise in PKI, Cryptography, Blockchain, Electronic Identification, Authentication, and Open Banking/Finance, Savyint proudly introduces the Savyint PQC Lab – Vietnam’s first post-quantum cryptography platform tailored for digital signatures, PKI, blockchain, and cryptographic solutions. This testing platform enables organizations to explore NIST-approved PQC algorithms, assess compatibility, performance, and impact without disrupting existing infrastructure. This is critical for financial institutions and fintech organizations aiming to comply with international standards such as FIDO2, PSD2, eIDAS, and PCI DSS. Key features of Savyint PQC Lab: Connect with Savyint’s experts today to lead the way into the post-quantum era!
SAVYINT is an Official Member of the Quantum Technology Network and Innovation and Cybersecurity Development Network
On August 25, at the Launch Ceremony of three Strategic Technology Innovation Networks organized by the Ministry of Finance, under the chairmanship of Deputy Prime Minister Nguyen Chi Dung, SAVYINT, as an official member of two out of three networks, introduced its Cybersecurity and Information Security Solution System, featuring two core components: PQC Lab – Vietnam’s first post quantum cryptography platform – and SAM Auth Server. To realize the objectives outlined in Resolution No. 57-NQ/TW dated December 22, 2024, by the Politburo, and Decision No. 1131/QĐ-TTg dated June 12, 2025, by the Prime Minister, the Ministry of Finance tasked the National Innovation Center (NIC) with collaborating with experts, scientists, and businesses to establish Strategic Technology Innovation Networks. Under the leadership of Deputy Prime Minister Nguyen Chi Dung, the Ministry of Finance organized the launch of three Innovation Networks, with key highlights: During the ceremony, Deputy Prime Minister Nguyen Chi Dung emphasized that Vietnam is entering a new development phase and must proactively seize the immense opportunities brought by the Fourth Industrial Revolution. The three Strategic Technology Innovation and Expert Networks will work alongside the Government, ministries, and businesses to shape strategies, develop policies, and promote research, development, and application of new technologies, transforming the country’s “challenges” into “great opportunities” for the future. SAVYINT is an official member of both the Quantum Technology Network and the Cybersecurity Innovation and Development Network. With over 20 years of research and experience, SAVYINT aims to serve as a catalyst, driving the growth of these alliances and their respective fields in Vietnam. At the event, SAVYINT unveiled its comprehensive Cybersecurity and Information Security Solution System, with SAM Auth Server and PQC Lab – Vietnam’s first post quantum cryptography platform for digital signatures, PKI, blockchain, and data encryption – garnering significant attention from attendees. Pioneering Post-Quantum Technology with SAVYINT PQC Lab As quantum technology advances rapidly, traditional encryption methods face the risk of being compromised. SAVYINT PQC Lab was developed to pioneer the application of posy-quantum technologies and algorithms, safeguarding digital signature systems, PKI, blockchain, and data encryption against threats from quantum computers. This platform not only meets current security requirements but also prepares for the future when quantum technology becomes widespread. It enables organizations to adopt NIST-approved Post-Quantum Cryptography (PQC) algorithms, test compatibility, performance, and impacts of PQC without affecting existing infrastructure or systems. This is particularly critical for financial and fintech organizations that must comply with international standards such as FIDO2, PSD2, eIDAS, and PCI DSS. SAVYINT PQC Lab utilizes Hardware Security Modules (HSMs) supporting NIST-standard PQC algorithms: ML-KEM (FIPS-203), ML-DSA (FIPS-204), and SLH-DSA (FIPS-205). It manages and automates the issuance of PQC digital certificates, scans and alerts for certificates requiring replacement per NIST and new security standards, and provides a flexible and secure sandbox environment for rapid testing, isolated from operational systems. With SAVYINT PQC Lab, businesses and organizations can ensure long-term data protection, prevent “Harvest Now, Decrypt Later” attacks, comply with NIST’s PQC standards, and adhere to the highest global data security regulations. This builds customer trust, enhances global competitiveness, and solidifies leadership in cybersecurity. SAM Auth Server – All-in-One Identity, Authentication and Security Solution SAM Auth Server is an all-in-one identity, authentication, and security solution developed by SAVYINT, leveraging advanced security technologies to address the growing complexity of securing information in digital environments. SAM Auth Server offers multi-layer authentication and security, integrating dedicated hardware and software, as well as smart biometric cards, while strictly adhering to domestic and international security standards such as FIPS 140-3, eIDAS, PSD2/PSD3, GDPR, FIDO2, and OIDC/OAuth2. It is a pioneering solution that applies Post-Quantum Cryptography (PQC) algorithms and tokenization technology, ensuring absolute security for data and transactions amid increasingly sophisticated cyber threats. With rapid integration, independent operation, and unlimited scalability, SAM Auth Server enables organizations and businesses to proactively manage digital identities, protect systems, data, and critical digital content, while optimizing costs, enhancing efficiency, and ensuring security across all digital operations. Comprehensive Cybersecurity and Information Security Ecosystem In addition, SAVYINT introduced a comprehensive Cybersecurity and Information Security Solution System designed to meet the diverse needs of organizations and businesses in protecting sensitive information, ensuring data security, and complying with international regulations. This system includes a range of standout solutions: The application of advanced cybersecurity and information security technologies serves as a robust shield for organizations and businesses in the digital era. Contact us today to start preparing for a sustainable and secure digital future. Event highlights:
Savyint launches the first PQC Lab in Vietnam, pioneering the post-quantum security era
Savyint officially announces the Savyint PQC Lab – the first post-quantum cryptography (PQC) security platform in Vietnam dedicated to digital signature, PKI, cryptography infrastructure, and data encryption solutions. Post-Quantum Security – No Time to Delay With the rapid rise of technology, quantum computers are approaching the ability to break traditional cryptographic algorithms such as RSA and ECC, which have safeguarded global data for decades. To counter this challenge, Post-Quantum Cryptography (PQC) has emerged, leveraging entirely new and complex mathematical problems, such as code-based, lattice-based, hash-based methods, and others, to ensure resilience against both classical and quantum computers. Recognizing the serious threat quantum computing poses to current security systems, in 2024, the U.S. National Institute of Standards and Technology (NIST) announced the first three standardized PQC algorithms to ensure proper adoption of new cryptography: ML-KEM (FIPS-203), ML-DSA (FIPS-204), and SLH-DSA (FIPS-205). NIST also published a roadmap: starting in 2030, classical algorithms such as RSA-2048 and ECC-256 will begin to be phased out, and by 2035, they will be fully retired. This means that organizations and enterprises worldwide must develop roadmaps to adapt and transition their security infrastructures to PQC algorithms, in order to defend against financial data breaches via “Harvest Now, Decrypt Later” attacks. Moreover, implementing PQC standards is a complex process that may take 5–10 years, requiring organizations to prepare not only in terms of technical infrastructure, but also through long-term strategy, workforce training, and safe sandbox testing before large-scale adoption. Therefore, preparing today is the foundation for organizations to proactively defend against attacks targeting sensitive data and to build a sustainable security ecosystem for the post-quantum era. Savyint officially launches the first PQC Lab in Vietnam As an international technology group with extensive expertise in PKI, cryptography, blockchain, digital identity, electronic authentication, and open banking/finance, Savyint proudly introduces the Savyint PQC Lab – the first post-quantum security lab in Vietnam, dedicated to digital signature, PKI, blockchain, and advanced cryptography solutions. The Lab provides a testing environment that enables organizations to familiarize themselves with NIST-approved PQC algorithms, while evaluating compatibility, performance, and impact – without disrupting existing infrastructure or operational systems. This is particularly vital for financial institutions and fintech companies that must ensure compliance with international standards such as FIDO2, PSD2, eIDAS, and PCI DSS. Key features of Savyint PQC Lab: Mr. Steve Hoang, CTO & Chairman of Savyint Group, emphasized: “Transitioning to PQC is a 5–10-year journey that demands strategic vision and persistent execution. The Savyint PQC Lab is the tool that enables enterprises to embark on this journey safely, swiftly, and proactively.” Currently, Savyint is collaborating with leading global technology and security partners such as Entrust, Kryptus, and FutureX to develop large-scale quantum-safe solutions applicable to critical sectors, including PKI and digital certificates, data security, network and telecommunications infrastructure, and industrial and defense applications. The launch of the Savyint PQC Lab is not only a technological milestone but also a bold statement of Savyint’s pioneering role in the post-quantum era, partnering with global enterprises to build a secure, sustainable, and trustworthy digital future.