Gabriel Soriano - PowerPoint PPT Presentation

SWIFT: The Financial Industry Infrastructure for Secure Messaging. Gabriel Soriano, October 4th, 2006, NYSSCPA Banking Convention.

Provided by NYSSCPA: https://www.nysscpa.org
1
SWIFT: The Financial Industry Infrastructure for Secure Messaging
  • Gabriel Soriano
  • October 4th, 2006
  • NYSSCPA Banking Convention

2
Agenda
1 Overview of SWIFT
2 Access to the SWIFT interface
3 Access to the SWIFT network
4 Message integrity and confidentiality controls
5 Messaging Service and Interface Control functions
3
Introducing SWIFT
4
The SWIFT community (timeline slide, 1973-2004)
Banks founded SWIFT in 1973. Categories admitted to the community since then: broker/dealers, central depositories, clearing institutions, exchanges, securities market data providers, travellers cheque issuers, fund administrators, money brokers, MA-CUGs, registrars and transfer agents, custody providers, trust or fiduciary services companies, securities MIs, treasury counterparties, treasury ETC service providers, investment managers, payments MIs, proxy voting agencies, non-shareholding financial institutions, trading institutions, treasury securities ETC service providers.
5
SWIFT governance
  • Oversight: National Bank of Belgium and G-10 Central Banks
  • Governance: Board, Board Committees, National Member Groups, User Groups, SWIFT members, SWIFT community
6
Sibos: forum for industry dialogue
  • Financial industry's premier event
  • Global forum to debate strategic issues
  • Conference, exhibition, networking
  • 6,000 executives and technology managers
  • 2007 Boston, US, 1-5 October

7
Working with SWIFT Partners
  • Solution Partners: providers of business applications, middleware, and interfaces
  • Service Partners: implementation and integration of connectivity and SWIFTSolutions
  • Business Partners: marketing and selling SWIFT products
  • Network Partners: AT&T, Colt, Equant, BT Infonet

8
SWIFT figures (July 2006)
  • 2.5 billion messages per year
  • 7,940 customers
  • 206 countries
  • Average daily traffic: 11.2 million messages
  • Peak day: 12.8 million messages (30 June 2006)
9
SWIFTNet FIN messages by market (July 2006)
  • Trade: 27 million messages
  • Treasury: 104 million messages
  • Payments: 895 million messages
  • Securities: 605 million messages
10
Traffic and Pricing: harnessing economies of scale
(chart, 1991 to 2006E: traffic in millions of messages rising, price in EUR cent per message falling)
11
Extending reach: embracing the business community
  • Corporates
  • Securities
  • Banking and Payments
12
Banking Market Infrastructures, July 2006 (high-value payments)
Live: Albania (AIP), Algeria (RTGS), Angola (PTR), Australia (PDS), Austria (ARTIS), Azerbaijan (AZIPS), Bahamas (BHS), Barbados (BDS), Belgium (ELLIPS), Bosnia and Herzegovina (BIH), Bulgaria (BGN-RINGS), Canada (LVTS), Chile (Netting - LBTR), CLS Bank, Croatia (HSVP), Denmark (DDK-KRONOS), Egypt (CBE), EBA Clearing (EURO1/STEP1), ECB (TARGET), Finland (BOF), France (CRI PNS/TBF), Germany (RTGSPlus), Ghana (GISS), Greece (HERMES), Guatemala (RTGS), Hungary (VIBER), Ireland (IRIS), Italy (BIREL), Jordan (RTGS), Kenya (KEPSS), Kuwait (RTGS), Latvia (LVL), Luxembourg (LIPS), Malta (MARIS), Mauritius (MACSS), Namibia (NISS), Netherlands (TOP), New Zealand (AVP), Norway (NICS), Oman (RTGS), Philippines (PPS), Romania (REGIS), Slovenia (SIPS), South Africa (BOP - RTGS - SAMOS), Spain (NSLBE - SLBE), Sri Lanka (LankaSettle), Sweden (RIX), Switzerland (Remote Gate), Tanzania (TISS), Thailand (BAHTNET/2), Trinidad & Tobago (SAFE-TT), Uganda (UNIS), United Kingdom (CHAPS- CHAPS- / Enquiry Link), United States (CHIPS), Venezuela (PIBC), Zambia (RTGS), Zimbabwe (ZETTS), West African States (BCEAO)
Implementation: Bahrain (RTGS), Lesotho (RTGS), Botswana (RTGS), Morocco (RTGS), Central African States (BEAC), Pakistan (RTGS), Eurosystem (TARGET2), Singapore (MEPS), Israel (RTGS), Tunisia (RTGS)
Planning/Discussion: Fiji (RTGS), Georgia (RTGS), Lebanon (RTGS), Palestine (RTGS), Peru (RTGS), Russian Federation (RTGS)
13
Community and Business dimensions
14
SWIFT
  • Business and Technical Messaging Communications
    across the lifecycle of a financial transaction
  • SWIFT does NOT provide clearing or settlement
    services
  • SWIFT does not hold accounts or assets
  • Participants are responsible for their data
  • SWIFT is neutral, apolitical and user-owned

15
Introducing SWIFT
16
Message categories
  • 0 System messages
  • 1 Customer transfers & cheques
  • 2 Financial institution transfers
  • 3 Foreign exchange, money markets & derivatives
  • 4 Collections & cash letters
  • 5 Securities markets
  • 6 Precious metals & syndications
  • 7 Documentary credits & guarantees
  • 8 Travellers cheques
  • 9 Cash management & customer status

17
Message structure
18
SWIFTStandards development: a business-centric approach
(diagram: business process modelling, market practice, applications, integration, standards, partners, SWIFTNet, SWIFT)
19
SWIFTStandards: payments market
(diagram: ordering customer, ordering customer's financial institution, beneficiary customer's financial institution, beneficiary customer; MT 101 payment initiation (CT, DD), MT 9xx reporting, exceptions & investigations; FIN-based and XML-based (under construction))
20
Introducing SWIFT
21
Single access infrastructure
  • Applications: Payments, Foreign Exchange, Securities, Account Reporting, Trade, Treasury, Investigation
  • Messaging Services: FIN, FileAct, InterAct, Browse
  • One SWIFTNet interface reaches every counterparty (ABC Bank, XYZ Bank, Other Bank, Any Bank)
22
SWIFT product stack
  • SWIFTSolutions: Payments, Treasury, Trade, Securities
  • Directories and Information Services
  • Messaging Services
  • Interfaces
  • Secure IP Network (SIPN)
23
Identify potential risks in the following areas
  • Access to the SWIFT interface
  • Access to the SWIFT network
  • Integrity/confidentiality of the SWIFT messages
  • Integrity of the message flow

24
SWIFT interfaces
  • Open and close connection to STN/SIPN
  • Send messages to SWIFT
  • Receive messages from SWIFT
  • Manually enter messages
  • Accept messages from a back office application
  • Send messages to a back office application
  • Send messages to a printer

25
SWIFT interfaces
  • SWIFTAlliance Access
  • SWIFTAlliance Entry
  • MERVA/ESA
  • TURBO SWIFT
  • STELINK
  • MINT
  • FASTWIRE
  • BESS
  • NOVA SWIFT
  • ...

26
Connecting to SWIFTNet: many ways of implementing
(diagram: business layer with the back office application, middleware, messaging layer with messaging interfaces, communication layer with communication interfaces, SWIFTNet services, through to your counterparty's back office application)
27
SWIFTAlliance interface
(diagram, from you to your counterparty over SWIFTNet)
  • Application layer: back office application
  • Middleware layer
  • Messaging layer: SWIFTAlliance Access (SAA), SWIFTAlliance Entry (SAE)
  • Communication layer: SWIFTAlliance Gateway (SAG), SWIFTAlliance Starter Set (SAS)
  • SWIFTNet services
28
Signing on to the SWIFT interface
29
Passwords
  • Initialisation password
  • Master password
  • Are the password documents still available?
  • Who has access to the password documents?

30
Users of the SWIFT interface
  • Anonymous names vs Personal operator names
  • Are all operators still using the interface?

31
Enabling an operator
  • Automatically enabled when approved by both the LSO and the RSO (Left and Right Security Officers)

32
Disabling an operator
  • Automatically, after too many wrong passwords
  • Manually, by the LSO, the RSO, or anybody with disabling permission

33
Security parameters
  • List of configuration parameters
  • e.g. user period, maximum number of bad passwords
  • Only visible to the LSO and RSO

34
SWIFTAlliance segregation of duties
  • Creation
  • Verification
  • Authorisation
  • Approval
  • Modification
35
Profiles
  • Each operator has at least one profile
  • A profile defines the applications, functions and permissions for one or more operators
  • One profile can be given to several operators
  • If a profile's permissions change, the operators holding it are disabled; the LSO and RSO must re-approve these operators

36
Profile details
  • A profile has 3 levels:
    applications,
    functions,
    permissions

37
Permission details (examples)
  • Prohibited: nothing (no restrictions)
  • Allowed: all MTs starting with 1, 2 and 9
  • SWIFT FIN system MTs: not allowed

38
What to check in a profile?
  • Access control
  • Message Creation and Modification
  • Message Approval
  • Message File
  • Security Definition

39
Identify potential risks in the following areas
  • Access to the SWIFT interface
  • Access to the SWIFT network
  • Integrity/confidentiality of the SWIFT messages
  • Integrity of the message flow

40
SWIFT's Secure IP Network (SIPN)
(diagram: customer M-CPE, network partner POPs (Network Partner 1 and 2) forming the SIPN access network, backbone access points into the SIPN backbone network, SWIFT OPCs)
IPsec tunnels provide end-to-end protection through the untrusted vendor IP networks.
41
Security equipment needed to connect to FIN (at Bank A and Bank B)
  • Card readers
  • Integrated Circuit Cards (ICCs)
42
Secure Card Reader (SCR)
  • Functions related to the BKE (Bilateral Key Exchange) and SLS services
  • Configuring and managing ICCs
  • PIN updates
  • SCR configuration

43
Integrated Circuit Card (ICC)
  • Contains the functional elements of a microcomputer
  • Chip embedded within the card
  • Works only when inserted into a card reader
  • Protected by 1 or 2 PINs
  • Unique reference: SWIFT Card Number (SCN)

44
Connecting to the SWIFT network: Secure Login and Select (SLS)
(diagram of the LTC, APC and FIN sessions)
45
Manual Login and Select
  • Insert the USER ICC in the card reader
  • Use the CBT to send Login and Select to SWIFT

46
Automated Login and Select
  • No operator intervention
  • The USER ICC must be in the card reader at Login and Select time,
  • or Session Keys must have been downloaded in advance

47
Disconnecting from the SWIFT network
(diagram of the LTC, APC and FIN sessions)
48
SWIFTNet FIN Phase 2
  • PKI-based FIN access control
  • PKI end-to-end security
  • RMA: Relationship management
(diagram: two SWIFTNet FIN interfaces, each holding its PKI credentials in an HSM, exchanging FIN over SWIFTNet)
49
Identify potential risks in the following areas
  • Access to the SWIFT interface
  • Access to the SWIFT network
  • Integrity/confidentiality of the SWIFT messages
  • Integrity of the message flow

50
Authentication
  • Applied to user-to-user messages
  • Assures the identity of the sender
  • Assures the integrity of the message text
  • Mandatory for most message types

51
Authenticator keys: what to check?
  • Are keys regularly changed?
  • Does the correspondent relationship still exist?
  • Are keys securely stored?
  • Is there a procedure for an unsuccessful BKE?
  • Is there a procedure for messages that failed authentication?

52
Local Authentication
  • Authentication between the back-office application and the SWIFT interface

53
Integrity of the message flow: session numbers
(diagram of the LTC, APC and FIN sessions)
54
Sequence numbers
55
Message Input Reference (MIR), e.g. 031020ABNKBEBBAXXX0142123456
  • 031020: input date
  • ABNKBEBBAXXX: sender's address
  • 0142: input session number
  • 123456: input sequence number
56
Message Output Reference (MOR), e.g. 031020ABNKBEBBAXXX0142654321
  • 031020: output date
  • ABNKBEBBAXXX: receiver's address
  • 0142: output session number
  • 654321: output sequence number
57
Routing in the SWIFT interface
(diagram: incoming messages routed to printer 1, printer 2 or the back office application)
58
Routing in the SWIFT interface
  • Are all messages accounted for?
  • Are all the messages routed to the right place?
  • Is there any specific routing for received messages with a PDE or PDM trailer?

59
Interface/Network Audit Trails
60
Message File
  • keeps copy of all messages
  • status and history of messages can be checked

61
Identification of a message: UUMID
  • (Unique) User Message Identifier, e.g. IBNPAFRPPXXX202TR7823689
  • I: input/output message indicator
  • BNPAFRPPXXX: correspondent
  • 202: MT
  • TR7823689: sender's reference
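The MIR/MOR layout (slides 55 and 56) and the UUMID fields above, worked as an added Python example that is not part of the presentation. It parses both references with the fixed field widths the slides show and runs the "are all messages accounted for?" check from the routing slide by looking for gaps in one session's sequence numbers; the 2000-based two-digit-year pivot and the three sample MIRs are constructed assumptions.

```python
# Added example (not part of the presentation): decode SWIFT Alliance MIR/MOR
# references and check a session's sequence numbers for gaps. Field widths
# follow the slides: date YYMMDD (6), LT address (12), session (4), sequence (6).
from collections import defaultdict
from dataclasses import dataclass
from datetime import date
import re

REF_RE = re.compile(r"(\d{6})([A-Z0-9]{12})(\d{4})(\d{6})")
UUMID_RE = re.compile(r"([IO])([A-Z0-9]{11})(\d{3})([A-Z0-9/?:().,'+ -]{1,16})")

@dataclass(frozen=True)
class MessageReference:
    when: date      # session date
    address: str    # sender's (MIR) or receiver's (MOR) 12-char LT address
    session: int    # 4-digit session number
    sequence: int   # 6-digit sequence number within the session

def parse_reference(ref: str) -> MessageReference:
    """Parse a 28-character MIR or MOR (same layout, different owner)."""
    m = REF_RE.fullmatch(ref)
    if not m:
        raise ValueError(f"malformed MIR/MOR: {ref!r}")
    yymmdd, addr, sess, seq = m.groups()
    # Two-digit year; a 2000-based pivot is this example's assumption.
    when = date(2000 + int(yymmdd[:2]), int(yymmdd[2:4]), int(yymmdd[4:]))
    return MessageReference(when, addr, int(sess), int(seq))

def parse_uumid(uumid: str) -> dict:
    """Split a UUMID into I/O flag, correspondent (11), MT (3), sender's ref."""
    m = UUMID_RE.fullmatch(uumid)
    if not m:
        raise ValueError(f"malformed UUMID: {uumid!r}")
    io, corr, mt, ref = m.groups()
    return {"direction": io, "correspondent": corr, "mt": mt, "reference": ref}

def sequence_gaps(refs):
    """Return {(address, date, session): [missing sequence numbers]}.
    A gap is a message missing from the Message File for that session,
    which is what the 'are all messages accounted for?' check asks."""
    by_session = defaultdict(set)
    for r in map(parse_reference, refs):
        by_session[(r.address, r.when, r.session)].add(r.sequence)
    return {k: sorted(set(range(min(s), max(s) + 1)) - s)
            for k, s in by_session.items() if len(s) != max(s) - min(s) + 1}

# Constructed sample: the slide's MIR plus two neighbours, with 123458 absent.
SAMPLE_MIRS = ["031020ABNKBEBBAXXX0142123456",
               "031020ABNKBEBBAXXX0142123457",
               "031020ABNKBEBBAXXX0142123459"]
```

Running `sequence_gaps(SAMPLE_MIRS)` reports sequence 123458 missing from session 0142 of 20 October 2003, the kind of hole an auditor would reconcile against the Message File and the MT 081 daily counts.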
62
Event Journal
  • Records events in the SWIFT interface
  • Covers actions initiated by the software as well as actions by users

63
Search function in the Event Journal
  • Search on:
    date and time,
    class and severity,
    operator,
    description of the event

64
MT 081 Daily Check Report
  • Lists the number of messages sent and received for all APC or FIN sessions closed since the previous MT 081
  • Generated daily at approximately midnight local time, provided APC and FIN are closed

(diagram of the LTC, APC and FIN sessions)
65
MT 082 Undelivered Message Report
  • Received from SWIFT every day
  • Lists all messages undelivered at generation time, i.e. messages sent by your institution but not yet received by your correspondent

66
Example of an auditor's profile
  • Access Control - Functions: Signon - Permissions: Start and End time
  • Applic. Interface - Functions: Open/Print Partner - Permissions: First part Local Aut Key: Yes
  • BK Management - Functions: Open/Print Communicating Pair (pre-agree/keys) - Permissions: Access CP: Prohibited nothing
  • Event Journal - no restrictions listed
  • Message File - Functions: Search - Permissions: Completely hide messages of other units: No
  • Security Definition - no restrictions listed
67
Making financial messaging safer and less costly