France stops certifying products lacking quantum-safe encryption

France just drew a line in the sand on quantum security. The country’s national cybersecurity agency, ANSSI, announced that beginning in 2027, it will no longer certify security products that fail to incorporate quantum-resistant encryption.

What ANSSI actually announced

The announcement came on June 16 at the France Quantum conference. ANSSI’s chief of staff, Samih Souissi, laid out the timeline: certifications dry up for non-quantum-safe products starting in 2027, with a full transition to quantum-safe products targeted for 2030.

The policy specifically targets conventional cryptographic algorithms like RSA and ECC. These are the mathematical frameworks that underpin most of today’s digital security, from government communications to banking systems to blockchain networks.

This isn’t a bolt from the blue. ANSSI published a position paper on post-quantum cryptography transitions back in 2022. A follow-up study in March 2025 painted a less-than-reassuring picture, revealing that 38 surveyed organizations lacked any transition plans whatsoever.