PostFinance explores Confidential Computing technology with CYSEC

PostFinance, the fifth largest retail financial institution in Switzerland, has subcontracted CYSEC to give support in its exploration of Confidential Computing technology in cloud environments.


Most financial institutions now have a cloud presence, but public cloud adoption by the financial service sector is still at a relatively early stage. Of the financial service leaders who took part in a recent McKinsey survey, only 13% had half or more of their IT footprint in the cloud. But migration to the cloud is accelerating. More than half of those surveyed – 54% – said they planned to move at least half of their workloads to the public cloud in the next five years. To help in the cloud migration, Confidential Computing technology protects data in-use, i.e. while data is in volatile memories.

This protection is particularly interesting in the context of migration of sensitive data or services in public clouds because it offers a technical solution to the protection of data processed in processing units shared between several end-users and hosted by a third-party organization.
CYSEC, a European data security company, is a leader in solutions using Confidential Computing technology.

It leverages this technology through its hardened Linux-based microdistribution called ARCA Trusted OS. PostFinance explored the field of Confidential Computing to understand and assess the value this technology can offer in several targeted use-cases based on public and private clouds.

“As a leading organization in digital finance services, PostFinance is pleased to have benefited from Cysec’s expertise and know-how on Confidential Computing. The main goal of the established collaboration with Cysec was to develop options for the use of Confidential Computing in the public and private cloud and to assess the value these options can bring to PostFinance’s business”.

Thomas Goetz, Head TechLab and Deputy Head PostFinance

The study made between Cysec and PostFinance included a proof of concept consisting of a PostFinance service executed in a public cloud and protected by both Confidential Computing and ARCA Trusted OS. At the end of the
mandate, PostFinance teams had a clear and broad understanding of the Confidential Computing technology, the ecosystem working on its development and commercialization, and the benefits it can bring in several PostFinance use-cases.

“We have analyzed a growing demand from banking institutions to explore confidential computing as a means of migrating their data to the cloud. In fact, data in-use is becoming increasingly exposed with the advent of cloud computing”

Matthieu Legré, VP of Product at CYSEC

Based on the results of this mandate with Cysec, PostFinance considers continuing to explore the use of Confidential Computing and ARCA Trusted OS in business use-cases that are under specifications.


CYSEC is a European data security company, based in Lausanne and Paris, providing a software solution in Confidential Computing, which enables companies to secure workloads on distributed infrastructures. The company provides a Trusted Execution Environment for containers and helps them to secure and deploy sensitive data on distributed architecture from Data center to the Cloud to the Edge.

Founded in 2018 by experienced cybersecurity experts, CYSEC is now counting more than 30 employees, with more than 10 experts dedicated to the space industry.

Indeed, CYSEC is pioneering end-to-end, European and off-the-shelf cybersecurity products for newspace missions.



PostFinance is the financial services unit of Swiss Post which was founded in 1906. As of 2023, it is the fifth largest retail financial institution in Switzerland. Its main area of activity is in national and international payments and a smaller but growing part in the areas of savings, pensions and real estate.

VNTR by PostFinance focuses on future-oriented topics, technologies and business models which have not yet been embraced at PostFinance.