Nicolas Neufkens

1
Technical Seminar, March 2006, Paris
SWIFTNet for the Single Shared Platform

• Nicolas Neufkens
• SWIFT
• Market Infrastructures Solution Architect

2
Agenda
Introduction
A comprehensive set of services for TARGET2
SWIFT connectivity for TARGET2
How to get prepared for TARGET2
3
SWIFTNet infrastructure for SSP
Bank A
Ancillary System
SWIFTNet
Internal payment system
SWIFTNet FIN
SWIFT interface
payment message
SWIFTNet FIN Copy
settlement request
authorisation/
refusal
SWIFTNet InterAct Real-time cash management
SWIFTNet FileAct Real-time reporting
SWIFTNet Browse On-line visualisation of
information
Payment module (PM)
Ancillary System Interface
Central SWIFT interface (PI)
Payment processing Bank A Bank B
Information control module (ICM)
SWIFTNet services
FIN/FIN Copy
4
Three complementary core SWIFTNet messaging
services
Browsing
Secure browsing with standard internet
technologies. Appropriate for data exchange in
thin-client browser-based financial solutions. To
be used with SWIFTNet InterAct and FileAct.
SWIFTNet Browse
Messaging
Secure, reliable, and STP-oriented. Appropriate
for exchange of individual structured financial
messages and short reports.
SWIFTNet messaging
SWIFTNet InterAct
File transfer
SWIFTNet FileAct
Secure, reliable, and flexible. Appropriate for
exchange of batches of structured financial
messages and large reports
5
SWIFTNet Browse overview
Service user
Service provider
SWIFTNet
Webstation (running SWIFTAlliance WebStation and
a standard Browser)
Web Server and SWIFTNet Link
SWIFTNet Browse enables secure browser-based
access (over SIPN) from an operator using a
standard browser and SWIFTAlliance WebStation to
a service providers web server
Typically used in conjunction with
SWIFTAlliance Gateway
6
SWIFTNet Browse overviewSWIFTNet Browse
transparently combines two communication
mechanisms
HTTP-S channel only authenticates the system of
the end user
Service user
Service provider
Using non-managed Web certificates
HTTP-S
SWIFTNet
InterAct/FileAct
Web Server SNL
Webstation
InterAct / FileAct channel authenticates the end
user
Using managed SWIFTNet PKI certificates
SWIFTNet Browse allows to initiate InterAct or
FileAct exchanges via a secure browser link. By
doing so sensitive data can be exchanged with all
the security and reliability inherent to the
SWIFTNet platform, while preserving the benefits
of a browser-based environment.
7
Key characteristics of SWIFTNet Browse (when
used with SWIFTNet InterAct/FileAct)
Highly secure reliable

• Integration with SWIFTNet InterAct / FileAct for
  security sensitive data
• HTTP-S exchanges secured with web-certificates
  for non-sensitive / un-structured exchanges
• Closed User Group control
• SIPN

Standard technologies

• Client uses standard browser to navigate
• HTTP-S for screens and InterAct for transactions
  or FileAct for file transfers

Thin client

• Service provider does not install software at
  client side

Single Window

• Re-utilization of existing SWIFTNet infrastructure

8
Three complementary core SWIFTNet messaging
services
Browsing
Secure browsing with standard internet
technologies. Appropriate for data exchange in
thin-client browser-based financial solutions. To
be used with SWIFTNet InterAct and FileAct.
SWIFTNet Browse
Messaging
Secure, reliable, and STP-oriented. Appropriate
for exchange of individual structured financial
messages and short reports.
SWIFTNet messaging
SWIFTNet InterAct
File transfer
SWIFTNet FileAct
Secure, reliable, and flexible. Appropriate for
exchange of batches of structured financial
messages and large reports.
9
SWIFTNet InterAct is used in Real-time mode query
response (ICM)
Used either in the context of person-to-applicatio
n solutions (with SAB) or application-to-applicati
on (with SAG)
Real-time query response

• SWIFTNet InterAct Q R real-time exchange of
  information
• XML messages for SWIFTNet InterAct Cash
  Management Standards
• Access to the SSP (mandatory and optional
  modules) through SWIFTNet InterAct
• Payments queue management
• Liquidity management
• Management of reservation and limits
• etc

10
SWIFTNet InterAct is used in Real Time Messaging
and Real Time Store-and-Forward mode (ASI)
Store-and-forward message transfer
used in the context of application-to application
solutions communication
Real-time messaging

• SWIFTNet InterAct SnF for procedures 1, 2, 3, 4,
  5 and 6 and Collateral management
• SWIFTNet InterAct RT for procedures 6 and
  Collateral management

11
Key characteristics of SWIFTNet InterAct
12
Real time mode
Message Delivery Real Tine SWIFTNet routes
message to Service Providers prime or backup
site SnF SWIFTNet routes message to Service
Providers delivery queueu
Client
Service Provider
SWIFTNet
Authen-tication check
Service check
Routing
Authen-tication check
MV-SIPN
13
Three complementary core SWIFTNet messaging
services
Browsing
Secure browsing with standard internet
technologies. Appropriate for data exchange in
thin-client browser-based financial solutions. To
be used with SWIFTNet InterAct and FileAct.
SWIFTNet Browse
Messaging
Secure, reliable, and STP-oriented. Appropriate
for exchange of individual structured financial
messages and short reports.
SWIFTNet messaging
SWIFTNet InterAct
File transfer
SWIFTNet FileAct
Secure, reliable, and flexible. Appropriate for
exchange of batches of structured financial
messages and large reports
14
Key characteristics of SWIFTNet FileAct
15
Non-repudiation

• In case of dispute, SWIFT can confirm that a
  message/file exchange did take place as claimed

What?

• Optional feature when selected, triggers
  archive of message or file header at SWIFT
• During 124 days, sender or receiver can request
  SWIFT to retrieve it
• Provides proof of origin (who sent it), timestamp
  , integrity (content did not change), intended
  recipient, response from recipient (if the case),
  actual content (for messages only)

Details

• Should be used for important transactions (e.g.
  instructions, orders, confirmations,
  cancellations, notifications, ...)
• Service Administrator may have specific rules

When to use?
16
RBAC (Role Based Access Control)

• Provides granular control of user access to
  business services or functions based on
  pre-defined roles

What?

• Optional use - Service Administrator decides if
  RBAC is applicable
• Service Administrator defines roles for the
  service, and optionally, rules implemented by the
  application
• SWIFT only allows traffic from senders with
  required role
• SWIFT can provide the role information to the
  receiving application (optional)
• Security Officers grant roles to users in their
  institution. Users roles are stored centrally at
  SWIFT.

Details
17
Store-and-forward pull (ICM)

• The sender sends a message or file and SWIFT
  stores it on a queue in the central SWIFTNet
  until the intended receiver connects to SWIFTNet
  and is ready to receive it.

What?

• The receiver explicitly asks SWIFTNet for a
  message or file.
• Receiver uses a SNL client application to sent a
  request to the SnF service, which will then reply
  by sending the stored message or file.
• The sender and receiver do not need to be
  connected at the same time to SWIFTNet

Details
18
Store-and-forward push (ICM and ASI)

• The sender sends a message or file and SWIFT
  stores it on a queue in the central SWIFTNet
  until the intended receiver connects to SWIFTNet
  and is ready to receive it

What?

• The receiver automatically receives stored
  messages or files from the SnF service
• Receiver uses SNL server application to receive
  it (Inter/File-Act request) to reply back by an
  acknowledgement (Inter/File-ActAct response)
• The sender and receiver do not need to be
  connected at the same time to SWIFTNet

Details
19
Store-and-forward queues

• For store-and-forward services each receiver
  defines routing rules on which queues, defined
  at SWIFT, will the received traffic be stored.
• One queue can receive traffic from more than one
  service.
• Receivers interface reads queue and routes
  traffic appropriately to back office applications
• Users can define extra queues if needed for
  operational reasons (e.g. if different interfaces
  handle different traffic) or other types of
  traffic (e.g. messages versus files)

Use of queues

• Each user automatically gets a generic queue
  with a default routing rule
• Incoming traffic arrives on this queue

Generic queue

• If needed, users can define extra queues
• Their routing rules define which traffic arrives
  on which queue

Extra queues
20
Agenda
Introduction
A comprehensive set of services for TARGET2
SWIFT connectivity for TARGET2
How to get prepared for TARGET2
21


Connectivity for TARGET2 Two different
approaches

• Application-to-application mode
• Applicable to ICM and ASI
• Information and messages will be transferred
  between the SSP and the individual participants
  internal application.
• Therefore the participant must
• Develop its own application
• Adapt an existing application or
• Purchase an appropriate solution

• User-to-application mode
• Applicable to ICM
• The objective is to permit direct communication
  between a participants users and ICM.
• The information is displayed in a browser running
  on a PC system (SWIFTAlliance Webstation)
• Participants do not need to develop a special
  application.

22
Possible interface for accessing TARGET2
User-to-Application
Application-to- Application
Access mode
User profile
Any user
- SWIFTAlliance WebStation - SWIFTAlliance
Gateway WebStation concentration
SWIFTAlliance Gateway Single Window
SAA/E users
SWIFTAlliance Starter Set
Assumption user is already SWIFTNet FIN user
23
SWIFTAlliance Gateway Single Window

• The typical SAG Licence
• License price based on traffic
• License includes one Host Adapter (RAHA or MQHA)
  one Agent (FTA or TDA), 5 concurrent users and
  1 SAB Base license
• Upgrade of Agents Host Adapters possible, price
  depending on traffic tier
• Value added versus SAG automation
• Full SWIFTNet concentrator
• SAG in the DMZ
• Scalability, resource optimisation
• Resilience
• Connectivity
• Connectivity Pack 2 to 5

SAB
CLS gateway
FIN Interface
RA
SAG
Browse, InterAct FileAct for any services
DMZ
24
Integration Solution provided by Solution Partner
Communication Layer
Network Layer SWIFTNet Services
Messaging Layer
Application Desktop Layer
SWIFTAlliance Access / Entry
Financial application
SWIFTAlliance Gateway
SWIFTNet
Service specific interface

• Allows integration with the Back Office through
  a middleware solution.
• DMZ architecture supported.
• Extra license required from the vendor.
• Monitoring provided through the vendor software.

This solution does not require any specific
development
SWIFTNet Ready Solution providers
www.swift.com/partners
25
SWIFT Partners provide interface integration
solutions for SWIFTNet FileAct
26
Integration Solution by in house development
Communication Layer
Network Layer SWIFTNet Services
Messaging Layer
Application Desktop Layer
SWIFTAlliance Access / Entry
SWIFTAlliance Gateway
SWIFTNet
Financial application

• Financial application connects directly to SAG
• Obtain the SWIFTAlliance Gateway Development
  toolkit to develop the
• integration with SAG via 2 options
• Remote APIs (only Solaris, AIX, Window)
• MQ Host Adaptor

This solution requires specific development
27
SWIFTAlliance offering for TARGET2
28
Agenda
Introduction
A comprehensive set of services for TARGET2
SWIFT connectivity for TARGET2
How to get prepared for TARGET2
29
SWIFT Training programme for TARGET2
Provides technical background information to
enable a smooth migration and implementation

• Different modules according to your role and
  requirements
• Business overview of TARGET2
• Technical infrastructure and file transfer
• Technical modules on the SWIFTAlliance
  interfaces

• www.swift.com/training

30
SWIFT supports the migration to TARGET2

• Ad-hoc participation of SWIFT to the migration
  task force
• Your Relationship Manager is your single window
  to SWIFT
• Your service partner can help you to implement
  your technical solution

31
(No Transcript)