
Key Security features of SWIFT financial messaging (source: isaca.org.hk/document/Key Security features of SWIFT financial...)


www.swift.com © S.W.I.F.T. SCRL 2002

Slide 1

Key Security features of SWIFT financial messaging and what it means for auditing an institution's SWIFT operations

Daniel De Weyer, SWIFT Senior Relationship Manager
ISACA Hong Kong, 13 November 2007

Slide 2

ISACA 2007

Agenda

1. Who is SWIFT

2. Connecting to SWIFT: access models, interfaces and resiliency

3. Security environment

4. The FIN service: message security and monitoring

5. Summary elements in the scope of a SWIFT operations audit

Slide 3

Who is SWIFT?

A co-operative organisation serving the financial services industry

A provider of highly secure financial messaging services

The financial standardisation body

Slide 4

SWIFTSolutions

(Diagram.) SWIFTNet: single window access to the financial world. Labels recovered from the diagram: SWIFTNet FIN; harnessing business process modelling; enabling the community ('Serving you to serve your customer'); extended client reach; market infrastructures: single window access to MIs; standards, platform, community.


Slide 5

Agenda

1. Who is SWIFT

2. Connecting to SWIFT: access models, interfaces and resiliency

3. Security environment

4. The FIN service: message security and monitoring

5. Summary elements in the scope of a SWIFT operations audit

Slide 6

Multi Vendor architecture overview

(Diagram, read from the customer premises outward.) Customer premises: Customer A and Customer B, each with a managed customer-premises equipment (M-CPE) VPN box, or a modem (TA) for dial-up. Local loops. Access networks: Network Partner 1, Network Partner 2 and Network Partner 3 (POPs), plus dial-up. Backbone: backbone access points and OPCs on the SIPN backbone network.

Slide 7

MV-SIPN: the co-existence of network partners

(Diagram of the network partners; the only label recovered is Orange Business Services, ex Equant.)

Slide 8

Direct Connectivity

(Diagram: connectivity options plotted on a cost axis against a functionality axis.) Options shown: Dial-up; Dual-I; Multi-Line (Single-P's); Dual-P; Dual-I DSL; Dual-I ISP.


Slide 9

SWIFT Platform Overview

(Layered diagram; components listed by layer as recovered.)
- Application & Desktop layer: financial application (MT, MX, FpML), automation, browser, e-mail client, SA-Workstation, SA-Webstation (Browse, FileAct, InterAct & SAG administration).
- Messaging layer: SWIFTAlliance Access / Entry (MT), SWIFTAlliance Gateway (MT-MX-FpML), SWIFTNet Mail with an e-mail server, application web server, service specific interface, SAM, RMA.
- Communication layer: VPN box.
- Network layer & SWIFTNet services: SWIFTNet.

Slide 10

SWIFTAlliance Gateway. Example: highly resilient configuration

(Diagram.) Two sites. Site 1: SAG 1 with a CLS gateway, a FIN interface, SAB and RA/MQ connections, behind a DMZ, with Dual-P connectivity. Site 2: SAG 2 with the same set (CLS gateway, FIN interface, SAB, RA/MQ), its own DMZ and Dual-P connectivity. Legend: primary route(s), secondary route, cold-backup route.

Slide 11

Integration into SWIFTAlliance Gateway

(Diagram of the ways a user application reaches SWIFTNet through SAG.) Adapters shown: SNL API (application built directly on SNL); SAG API; MQHA (IBM MQ API); RAHA (IBM MQ API); TDA; FTI and FTA (FT command line: FileAct managed by SAG for SWIFTNet-unaware applications); WSHA (SOAP over HTTPS for InterAct & FileAct, new in 6.0).

Slide 12

SWIFTAlliance Access / Workstation


Slide 13

Integration into SWIFTAlliance Access

(Diagram of the ways a user application integrates with SWIFTAlliance Access.) Adapters shown: MQSA (IBM MQ APIs); ADK APIs; AFT; CASmf (CASmf APIs, CAS); CAS text; self-made.

Slide 14

SWIFTAlliance WebStation

Browser-based SWIFTNet Interface
– includes SNL running in browser
– includes SWIFTNet administrative GUIs

Focus on person-to-application communications

Only client role (cannot be called by a Requestor)

(Diagram: InterAct / FileAct request from the client, reply from the server.)

Slide 15

SWIFTAlliance WebStation

Supports two types of solutions
– Browsing solution
– Service specific workstation: additional software must be installed locally for GUI functionality

(Diagram: InterAct / FileAct request from the client, reply from the server, over https.)

Slide 16

SWIFTAlliance WebStation

Two ways to install SWIFTAlliance WebStation:
– (1) Directly connected to the network (SIPN)
– (2) Connected to the network via SWIFTAlliance Gateway (SAG SNL)


Slide 17

SWIFTAlliance WebStation GUI

(Screenshots: PKI Management, Managing SAG, File Transfer, Browser.)

Slide 18

SWIFTAlliance Messenger: Functional Overview

Browser-based message entry facility for both "MX" and "MT" messages

Verification [MT], and authorisation of messages in line with the SAA 4-eyes principle configuration

Querying recent and archived messages

Validates the input messages before submitting them, and assists the user in correcting errors

On-line help facility

Message printing facility

Offers functionality to create and share re-usable templates

Can be customised to corporate look and feel

Slide 19

SWIFTAlliance Messenger: Welcome screen (screenshot)

Slide 20

Agenda

1. Who is SWIFT

2. Connecting to SWIFT: access models, interfaces and resiliency

3. Security environment

4. The FIN service: message security and monitoring

5. Summary elements in the scope of a SWIFT operations audit


Slide 21

SWIFTNet messaging services

SWIFTNet FIN
– Messages with MT standards and rules
– Store-and-forward
– Feature-rich

SWIFTNet InterAct
– Messages and query-and-response
– MX standards (XML-based) and rules
– Store-and-forward and real-time

SWIFTNet FileAct
– File transfer for data intensive applications
– Standards and rules
– Store-and-forward and real-time

SWIFTNet Browse
– Secure browsing
– Complements InterAct, FileAct, and FIN

Slide 22

BKE process flow

(Diagram. On each side the SCR dialogues with the SWIFT interface; the initiator is on the left, the responder on the right.)

1. Initiator sends MT960 (BKE initiation).
2. Responder runs its checks. Checks OK: it replies with MT961 (BKE initiation response). Checks NOK: it replies with MT964 (BKE error message).
3. Initiator's SCR processes the BK generate request: validates the responder's CV, determines the value of the responder's public key, creates a new bilateral key enciphered under the responder's public key, and signs the result with the initiator's secret key. Initiator sends MT962 (key service message).
4. Responder's SCR processes the BK generate response: determines the value of the new key, verifies the initiator's signature on the enciphered key (with the initiator's public key), deciphers the enciphered key (with the responder's own secret key), and returns the new (enciphered) bilateral key to the interface, where it is stored on disk. Checks OK: responder sends MT963 (BKE key acknowledgement). Checks NOK: responder sends MT965 (BKE key error message).
5. Initiator's SCR processes the BK receipt request and response: it verifies the MAC on the MT963 and, if OK, updates its BK file.

Slide 23

BKE compared to RMA

                           BKE                        RMA
Relationship               Bilateral                  Unilateral
Lifetime                   Renewal                    Permanent
Manual key                 Manual key possible        No manual key possible
Carried over               FIN                        InterAct store-and-forward
Addressing                 BIC4/6/8                   BIC8 only
Granularity                No granularity             Granularity
Test & Training            BKE for T&T                RMA optional for T&T
Validity                   Previous/Current/Future    Current only
Pre-agreements             Pre-agreements             No pre-agreements
Distribution               Weekly distribution        Daily/Real-time distribution

Slide 24

New relationship management in 2008

(Diagram: CUST A's CBT and CUST B's CBT, each with an HSM, and what replaces BKE for each function.)

- FIN access control security: BKE replaced by PKI
- FIN user-to-user security: BKE replaced by PKI
- Relationship management: BKE replaced by RMA


Slide 25

Relationship Management Application (RMA)

Managing correspondents in a many-to-many world

– RMA as mechanism to control WHO can send you traffic

Managing the correspondent’s business

– RMA as mechanism to control WHAT a correspondent can send to you

Objective: preventing unwanted traffic
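The two RMA questions above (who may send you traffic, and what they may send) amount to a lookup against the authorisations you have issued. The Python below is an added example, not part of the presentation or of any SWIFT product: it holds a constructed set of authorisations as the receiving institution (BNPAFRPP) would hold them, derives the correspondent's BIC8 from the 12-character logical-terminal address in block 1 (RMA is keyed on the BIC8, as slide 23 notes), and accepts or rejects an incoming message by correspondent, service, validity window and permitted message type. The record layout, the "1xx" category wildcard and the service name strings are this example's own assumptions, not an RMA export format.

```python
# Constructed RMA data, seen from the receiving side. Each record is an
# authorisation the receiver has issued to one correspondent for one service.
# "permitted" holds MT types; a "1xx" entry stands for the whole category.
# Dates are ISO strings so they compare correctly as text.
RMA_AUTHORISATIONS = [
    {"correspondent": "KWHKHKHH", "service": "swift.fin",
     "valid_from": "2002-01-01", "valid_to": None,
     "permitted": {"1xx", "2xx", "9xx"}},
    {"correspondent": "DEUTDEFF", "service": "swift.fin",      # revoked
     "valid_from": "2001-06-01", "valid_to": "2002-06-30",
     "permitted": {"1xx", "2xx", "3xx", "5xx"}},
    {"correspondent": "HSBCHKHH", "service": "swift.fin",      # type-level granularity
     "valid_from": "2002-01-01", "valid_to": None,
     "permitted": {"103", "202", "9xx"}},
]


def bic8_from_lt(lt_address):
    """Block 1 carries a 12-character logical-terminal address: BIC8, then the
    LT code, then the branch code. RMA works on the BIC8, so keep the first 8."""
    if len(lt_address) != 12:
        raise ValueError("LT address must be 12 characters, got %r" % lt_address)
    return lt_address[:8]


def type_permitted(permitted, mt):
    """An MT is allowed if listed explicitly or if its category is listed."""
    return mt in permitted or (mt[0] + "xx") in permitted


def rma_check(auths, sender_lt, mt, service, on_date):
    """Return (accepted, reason) for an incoming message of type mt sent from
    sender_lt on the given service and date (ISO string)."""
    sender = bic8_from_lt(sender_lt)
    matches = [a for a in auths
               if a["correspondent"] == sender and a["service"] == service]
    if not matches:
        return False, "no RMA authorisation issued to %s on %s" % (sender, service)
    auth = matches[0]                      # one record per correspondent/service assumed
    if on_date < auth["valid_from"]:
        return False, "authorisation for %s not yet valid" % sender
    if auth["valid_to"] is not None and on_date > auth["valid_to"]:
        return False, "authorisation for %s expired on %s" % (sender, auth["valid_to"])
    if not type_permitted(auth["permitted"], mt):
        return False, "MT %s from %s not covered by the authorisation" % (mt, sender)
    return True, "MT %s from %s accepted" % (mt, sender)


def filter_inbound(auths, messages, on_date):
    """messages: list of (mir, sender_lt, mt). Returns one decision per message."""
    return [(mir,) + rma_check(auths, lt, mt, "swift.fin", on_date)
            for mir, lt, mt in messages]


if __name__ == "__main__":
    # Constructed inbound sample; the first MIR is the one from the slides.
    inbound = [
        ("021115KWHKHKHHAXXX0135007653", "KWHKHKHHAXXX", "103"),
        ("021115KWHKHKHHAXXX0135007654", "KWHKHKHHAXXX", "541"),
        ("021115DEUTDEFFAXXX0011000042", "DEUTDEFFAXXX", "103"),
        ("021115HSBCHKHHAXXX0420003310", "HSBCHKHHAXXX", "210"),
    ]
    for mir, ok, why in filter_inbound(RMA_AUTHORISATIONS, inbound, "2002-11-15"):
        print(mir, "ACCEPT" if ok else "REJECT", why)
```

The rejection reasons are deliberately distinct: an unknown correspondent, an expired authorisation and an unpermitted message type are handled by different people (relationship management versus operations), so the log line should say which it was.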

Slide 26

Agenda

1. Who is SWIFT

2. Connecting to SWIFT: access models, interfaces and resiliency

3. Security environment

4. The FIN service: message security and monitoring

5. Summary elements in the scope of a SWIFT operations audit

Slide 27

Types of messages

• User to user messages

• System messages

• Service messages

Slide 28

Categories of messages

0 System messages

1 Customer transfers & cheques

2 Financial institutions transfers

3 Foreign exchange, money markets & derivatives

4 Collections & cash letters

5 Securities markets

6 Precious metals & syndications

7 Documentary credits & guarantees

8 Travellers cheques

9 Cash management & customer status


Slide 29

Common group message types

n90 Advice of charges, interest and other adjustments
n91 Request for payment of charges, interest or other expenses
n92 Request for cancellation
n95 Queries
n96 Answers
n98 Proprietary message
n99 Free format

Slide 30

Flow & acknowledgements

(Diagram.) Sender to SWIFT: Input; SWIFT returns an ACK or NAK to the sender. SWIFT to Receiver: Output; the receiver returns a UAK or UNK to SWIFT.

Slide 31

Structure

(Diagram: a SWIFT message set beside an order form reading "Please pay ... to ... from ... on ... at ... for ...", followed by the printout below.)

--------------------Instance Type and Transmission------------------

Notification (Transmission) of Original sent to SWIFT (ACK)

Network Delivery Status :Network Ack

Priority/Delivery :Normal

Message Input Reference : 1705 021115KWHKHKHHAXXX0135007653

------------------------------Message Header------------------------

Swift Input : FIN 103 Single Customer Credit Transfer

Sender : KWHKHKHHXXX

Citic Ka Wah Bank

Hong Kong

Receiver : BNPAFRPPXXX

BNP-PARIBAS SA

(FORMELY BANQUE NATIONALE DE PARIS S.A.)

Paris, France

MUR : MC12

------------------------------Message Text--------------------------

20:Sender's Reference

PAY/09

23B:Bank Operation Code

CRED

32A:Value Date, Currency and Interbank Settled Amount

Date :18 November 2002

Currency : EUR (EURO)

Amount : #65000,#

50K:Ordering Customer

/123001043212

MR LEE

10 QUEENSWAY

HK-HONG KONG

57A:Account with Institution - BIC

BNPAFRPPCAN

BNP-PARIBAS SA (FORMELY BANQUE NATIONALE DE PARIS S.A.)

CANNES FR

59:Beneficiary Customer

/12345543210100001M02211

MR DUPONT

6 RUE LAFAYETTE

FR-CANNES

70:Remittance Information

/INV/52

71A:Details of Charges

SHA

------------------------------Message Trailer----------------------

{MAC:098446CF}

{CHK:45946964876B}

Slide 32

Structure: what does a SWIFT message look like?

(Diagram: the same message as seen on screen, on the SWIFT network, and on a printout.)


Slides 33 to 38

An example of the header of a payment message: MT 103 (a sequence of annotated screenshots; no text was recovered from them)

Slide 39

Delivery monitoring options

(Diagram: KWHKHKHH in Hong Kong sends an urgent MT 103 / MT 541 with delivery monitoring option 3 (U3) to BNPAFRPP in Paris. Hong Kong time on the left, Paris time on the right.)

10.00 / 03.00  MT 103 (U3) input by KWHKHKHH; SWIFT returns the ACK.
10.15 / 03.15  MT010 non-delivery warning to KWHKHKHH: the message is still undelivered after the obsolescence period.
15.00 / 08.00  BNPAFRPP receives the MT 103 (U3) and returns the UAK; SWIFT sends KWHKHKHH an MT011 delivery notification.
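What the sender should do with those system messages is a reconciliation: for every message input, match the ACK/NAK, the UAK, and any MT010 or MT011 against the MIR, and flag what is still outstanding once the obsolescence period has passed. The Python below is an added example, not part of the presentation or of any SWIFT product. It replays the slide's timeline (urgent MT 103, delivery monitoring 3, obsolescence 003 = 15 minutes) plus two constructed messages, one normal-priority message whose delivery notification never arrives and one that is NAKed at input. The record layout, the event names and the status strings are this example's own assumptions; the 5-minute unit for the obsolescence period and the meaning of delivery-monitoring values 1, 2 and 3 are standard FIN header conventions.

```python
from datetime import datetime, timedelta


def ts(text):
    """Parse the 'YYYY-MM-DD HH:MM' timestamps used in the constructed data."""
    return datetime.strptime(text, "%Y-%m-%d %H:%M")


# Constructed records in Hong Kong local time. The first is the slide's case.
# delivery_monitoring: "1" = non-delivery warning, "2" = delivery notification,
# "3" = both. obsolescence_minutes is the header's 3-digit period times 5.
SENT = [
    {"mir": "021115KWHKHKHHAXXX0135007653", "mt": "103", "sent_at": "2002-11-15 10:00",
     "priority": "U", "delivery_monitoring": "3", "obsolescence_minutes": 15},
    {"mir": "021115KWHKHKHHAXXX0135007654", "mt": "541", "sent_at": "2002-11-15 10:05",
     "priority": "N", "delivery_monitoring": "2", "obsolescence_minutes": 100},
    {"mir": "021115KWHKHKHHAXXX0135007655", "mt": "103", "sent_at": "2002-11-15 10:10",
     "priority": "U", "delivery_monitoring": "3", "obsolescence_minutes": 15},
]

# (time, event, MIR of the original message). ACK/NAK come back at input,
# UAK is the receiver's acknowledgement at output, MT010/MT011 are the
# system messages SWIFT generates for the sender.
EVENTS = [
    ("2002-11-15 10:00", "ACK",   "021115KWHKHKHHAXXX0135007653"),
    ("2002-11-15 10:15", "MT010", "021115KWHKHKHHAXXX0135007653"),
    ("2002-11-15 15:00", "UAK",   "021115KWHKHKHHAXXX0135007653"),
    ("2002-11-15 15:00", "MT011", "021115KWHKHKHHAXXX0135007653"),
    ("2002-11-15 10:05", "ACK",   "021115KWHKHKHHAXXX0135007654"),
    ("2002-11-15 10:10", "NAK",   "021115KWHKHKHHAXXX0135007655"),
]


def delivery_status(msg, events, now):
    """Classify one sent message from the evidence received up to `now`."""
    seen = {kind for when, kind, mir in events
            if mir == msg["mir"] and ts(when) <= now}
    if "NAK" in seen:
        return "rejected (NAK): never entered the network, correct and re-send"
    if "ACK" not in seen:
        return "no ACK yet"
    if seen & {"UAK", "MT011"}:
        return "delivered"
    if "MT010" in seen:
        return "undelivered: MT010 non-delivery warning received, chase the receiver"
    deadline = ts(msg["sent_at"]) + timedelta(minutes=msg["obsolescence_minutes"])
    wants_notification = msg["delivery_monitoring"] in ("2", "3")
    if now > deadline and wants_notification:
        return "overdue: obsolescence period passed with no MT011 delivery notification"
    return "pending"


def delivery_report(sent, events, now_text):
    """One status per MIR, as of the given 'YYYY-MM-DD HH:MM' instant."""
    now = ts(now_text)
    return {m["mir"]: delivery_status(m, events, now) for m in sent}


if __name__ == "__main__":
    for instant in ("2002-11-15 10:30", "2002-11-15 16:00"):
        print(instant)
        for mir, status in delivery_report(SENT, EVENTS, instant).items():
            print("  ", mir[-6:], status)
```

The two instants show why the delivery-monitoring flags matter: at 10.30 the slide's message is correctly reported as undelivered only because an MT010 was requested, and at 16.00 the MT 541 is reported overdue only because an MT011 was requested. A message sent without delivery monitoring would sit at "pending" forever, which is the gap an auditor's "check procedures for delivery monitoring" item is meant to surface.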

Slides 40 to 42

An example of the header of a payment message: MT 103 (further annotated screenshots; no text was recovered from them)

Slide 43

An example of the text of a payment message: MT 103 (screenshot)

Slide 44

Format MT 103 Single Customer Credit Transfer (first fields)

M/O  Tag   Field Name                                      Content/Options
M    20    Sender's Reference                              16x
---->
O    13C   Time Indication                                 /8c/4!n1!x4!n
----|
M    23B   Bank Operation Code                             4!c
---->
O    23E   Instruction Code                                4!c[/30x]
----|
O    26T   Transaction Type Code                           3!a
M    32A   Value Date/Currency/Interbank Settled Amount    6!n3!a15d
O    33B   Currency/Instructed Amount                      3!a15d
O    36    Exchange Rate                                   12d
M    50a   Ordering Customer                               A or K

(----> and ----| bracket a field that may be repeated.)


Slide 45

Input message - SWIFT network block structure

Headers:
1. Basic Header Block
2. Application Header Block
3. User Header Block

Text:
4. Text Block

Trailers:
5. Trailer Block

Slide 46

Input payments message - SWIFT network block structure

{1:F01KWHKHKHHAXXX0135007653}{2:I103BNPAFRPPXXXXU3003}{3:{108:MC12}}{4:
:20:PAY09
:23B:CRED
:32A:021118EUR65000,
:50K:/123001043212
MR LEE
10 QUEENSWAY
HK-HONG KONG
:57A:BNPAFRPPCAN
:59:/12345543210100001M02211
MR DUPONT
6 RUE LAFAYETTE
FR-CANNES
:70:/INV/52
:71A:SHA
-}{5:{MAC:DB347698}{CHK:76543BA90123}}

Slide 47

--------------------Instance Type and Transmission------------------

Notification (Transmission) of Original sent to SWIFT (ACK)

Network Delivery Status :Network Ack

Priority/Delivery : Urgent/Non-Deliv Warning & Deliv Notif

Message Input Reference: 1705 021115KWHKHKHHAXXX0135007653

------------------------------Message Header------------------------

Swift Input : FIN 103 Single Customer Credit Transfer

Sender : KWHKHKHHXXX

Citic Ka Wah Bank

Hong Kong

Receiver : BNPAFRPPXXX

BNP-PARIBAS SA

(FORMELY BANQUE NATIONALE DE PARIS S.A.)

Paris, France

MUR: MC12

------------------------------Message Text--------------------------

20:Sender's Reference

PAY/09

23B:Bank Operation Code

CRED

32A:Value Date,Currency and Interbank Settlement Amount

Date : 18 November 2002

Currency : EUR (EURO)

Amount : #65000,#

50K:Ordering Customer

/123001043212

MR LEE

10 QUEENSWAY

HK-HONG KONG

57A:Account with Institution - BIC

BNPAFRPPCAN

BNP-PARIBAS SA (FORMELY BANQUE NATIONALE DE PARIS S.A.)

CANNES FR

59:Beneficiary Customer

/12345543210100001M02211

MR DUPONT

6 RUE LAFAYETTE

FR-CANNES

70:Remittance Information

/INV/52

71A:Details of Charges

SHA

------------------------------Message Trailer----------------------

{MAC:098446CF}

{CHK:45946964876B}

Example of printout

Slide 48

--------------------Instance Type and Transmission------------------

Original received from SWIFT

Priority :Urgent

Message Output Reference :0806 021115BNPAFRPPAXXX0987012098

Correspondent Input Reference :1705 021115KWHKHKHHAXXX0135007653

------------------------------Message Header------------------------

Swift Input : FIN 103 Single Customer Credit Transfer

Sender : KWHKHKHHXXX

Citic Ka Wah Bank

Hong Kong

Receiver : BNPAFRPPXXX

BNP-PARIBAS SA

(FORMELY BANQUE NATIONALE DE PARIS S.A.)

Paris, France

MUR: MC12

------------------------------Message Text--------------------------

20:Sender's Reference

PAY/09

23B:Bank Operation Code

CRED

32A:Value Date,Currency and Interbank Settlement Amount

Date : 18 November 2002

Currency : EUR (EURO)

Amount : #65000,#

50K:Ordering Customer

/123001043212

MR LEE

10 QUEENSWAY

HK-HONG KONG

57A:Account with Institution - BIC

BNPAFRPPCAN

BNP-PARIBAS SA (FORMELY BANQUE NATIONALE DE PARIS S.A.)

CANNES FR

59:Beneficiary Customer

/12345543210100001M02211

MR DUPONT

6 RUE LAFAYETTE

FR-CANNES

70:Remittance Information

/INV/52

71A:Details of Charges

SHA

------------------------------Message Trailer----------------------

{MAC:098446CF}

{CHK:45946964876B}

Example of printout


Slide 49

Message referencing

• Sender's Reference
• MUR
• MIR
• MOR

Slide 50

Message referencing

Sender's Reference (field 20): 16x

MUR: Message User Reference: 16x

Slide 51

Message referencing

MIR: Message Input Reference

041115   KWHKHKHHAXXX      0135             007653
Input    Sender's          Session          ISN
date     address           number

Slide 52

Message referencing

MOR: Message Output Reference

041115   BNPAFRPPAXXX      0987             012098
Output   Receiver's        Session          OSN
date     address           number
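The block structure on slide 46 and the MIR/MOR layouts on slides 51 and 52 can be worked through in code. The Python below is an added example, not part of the presentation or of any SWIFT software: it splits the five blocks (tracking brace depth, since blocks 3 and 5 nest), decodes the basic header and the input application header including the U3003 priority, delivery-monitoring and obsolescence fields, walks the text-block fields with their multi-line values, decodes field 32A, and splits a MIR or MOR into its four parts. The sample is the slide's own MT 103 with the CRLF separators that the extraction collapsed put back; the function names and the dictionary layout returned are this example's own choices, and only input ("I") application headers are handled.

```python
import re
from datetime import date
from decimal import Decimal

# Constructed sample: the input MT 103 from slide 46, CRLF separators restored.
SAMPLE_MT103 = (
    "{1:F01KWHKHKHHAXXX0135007653}"
    "{2:I103BNPAFRPPXXXXU3003}"
    "{3:{108:MC12}}"
    "{4:\r\n:20:PAY09\r\n:23B:CRED\r\n:32A:021118EUR65000,\r\n"
    ":50K:/123001043212\r\nMR LEE\r\n10 QUEENSWAY\r\nHK-HONG KONG\r\n"
    ":57A:BNPAFRPPCAN\r\n"
    ":59:/12345543210100001M02211\r\nMR DUPONT\r\n6 RUE LAFAYETTE\r\nFR-CANNES\r\n"
    ":70:/INV/52\r\n:71A:SHA\r\n-}"
    "{5:{MAC:DB347698}{CHK:76543BA90123}}"
)

DELIVERY_MONITORING = {"1": "non-delivery warning", "2": "delivery notification",
                       "3": "non-delivery warning and delivery notification"}


def split_blocks(msg):
    """Return {block_id: body} for the top-level {n:...} blocks. Blocks 3 and 5
    contain nested {tag:value} groups, so brace depth is tracked by hand."""
    blocks, i = {}, 0
    while i < len(msg):
        if msg[i] != "{":
            raise ValueError("expected '{' at offset %d" % i)
        depth, j = 0, i
        while True:
            depth += {"{": 1, "}": -1}.get(msg[j], 0)
            if depth == 0:
                break
            j += 1
        block_id, body = msg[i + 1:j].split(":", 1)
        blocks[block_id] = body
        i = j + 1
    return blocks


def parse_basic_header(body):
    """Block 1: application id, service id, sender's 12-char LT address,
    session number and input sequence number (ISN)."""
    return {"app_id": body[0], "service_id": body[1:3], "lt_address": body[3:15],
            "session": body[15:19], "sequence": body[19:25]}


def parse_application_header(body):
    """Block 2, input form: I + MT + receiver LT address + priority, then the
    optional delivery-monitoring flag and obsolescence period (units of 5 min)."""
    if body[0] != "I":
        raise ValueError("only input (I) application headers are handled here")
    hdr = {"mt": body[1:4], "receiver": body[4:16], "priority": body[16]}
    if len(body) > 17:
        hdr["delivery_monitoring"] = DELIVERY_MONITORING[body[17]]
    if len(body) > 18:
        hdr["obsolescence_minutes"] = 5 * int(body[18:21])   # 003 -> 15 minutes
    return hdr


def parse_tagged(body):
    """Blocks 3 and 5: a run of {tag:value} groups."""
    return dict(re.findall(r"\{([^:}]+):([^}]*)\}", body))


def parse_text_block(body):
    """Block 4: ':tag:value' fields separated by CRLF; a value may span several
    lines (50K, 59). Returned as a list because tags may repeat."""
    text = body.strip("\r\n")
    if text.endswith("-"):                 # block 4 is closed by CRLF then '-'
        text = text[:-1].rstrip("\r\n")
    fields = []
    for chunk in text.split("\r\n:"):
        tag, value = chunk.lstrip(":").split(":", 1)
        fields.append((tag, value))
    return fields


def parse_32a(value):
    """32A = value date YYMMDD + currency + amount with ',' as decimal mark."""
    d, ccy, amount = value[:6], value[6:9], value[9:]
    return (date(2000 + int(d[:2]), int(d[2:4]), int(d[4:6])), ccy,
            Decimal(amount.replace(",", ".").rstrip(".")))


def parse_reference(ref):
    """MIR and MOR share one 28-character layout: date(6) + LT address(12) +
    session(4) + sequence number(6), the ISN for a MIR and the OSN for a MOR."""
    if len(ref) != 28:
        raise ValueError("reference must be 28 characters")
    return {"date": ref[:6], "lt_address": ref[6:18],
            "session": ref[18:22], "sequence": ref[22:28]}


def parse_fin(msg):
    b = split_blocks(msg)
    basic = parse_basic_header(b["1"])
    return {"basic": basic, "application": parse_application_header(b["2"]),
            "user": parse_tagged(b.get("3", "")), "text": parse_text_block(b["4"]),
            "trailer": parse_tagged(b["5"]),
            # The MIR on the printouts is the input date followed by these three parts.
            "mir_suffix": basic["lt_address"] + basic["session"] + basic["sequence"]}


if __name__ == "__main__":
    parsed = parse_fin(SAMPLE_MT103)
    print(parsed["application"])
    print(parse_32a(dict(parsed["text"])["32A"]))
    print(parse_reference("021115" + parsed["mir_suffix"]))
```

Two things the parser makes visible that the printout hides: the MAC and CHK trailers cover the message as transmitted, so a text-block value that is edited after verification will not match them, and the MIR is nothing more than block 1 plus the input date, which is why a duplicate MIR in a day's input log is worth investigating.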


Slide 53

Agenda

1. Who is SWIFT

2. Connecting to SWIFT: access models, interfaces and resiliency

3. Security environment

4. The FIN service: message security and monitoring

5. Summary elements in the scope of a SWIFT operations audit

Slide 54

Summary elements of a SWIFT audit

Check SWIFT system configuration for links, back-up, contingency

Reports on contingency and BCP tests

Physical access procedures to SWIFT room

Release management

Match HR lists to operators in SWIFT interface

Check operator permission lists with SWIFT Security Officers

BKE refresh procedures

Check procedures for delivery monitoring

Archiving procedures

MIS statistics of average number of messages IN/OUT, average value
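Two of the items above, matching the HR list to the operators defined in the SWIFT interface and checking the operator permission lists against what the Security Officers approved, are mechanical enough to script, and the 4-eyes configuration from slide 18 gives a third check: no operator should be able to both create and authorise. The Python below is an added example, not part of the presentation or of any SWIFT product. The HR extract, the exported operator list and the approved permission list are constructed, and the profile names (MSG_CREATE, MSG_AUTHORISE, BKE_ADMIN) are assumptions; a real interface export will use its own names and the same logic applies.

```python
# Constructed extracts. HR: who is employed, as ISO-date strings.
HR = {
    "lee_m":  {"status": "active", "left_on": None},
    "chan_k": {"status": "left",   "left_on": "2007-09-30"},
    "wong_s": {"status": "active", "left_on": None},
    "ng_p":   {"status": "active", "left_on": None},
}

# Operator list as exported from the messaging interface (profile names assumed).
OPERATORS = [
    {"id": "lee_m",     "profiles": {"MSG_CREATE"}},
    {"id": "chan_k",    "profiles": {"MSG_AUTHORISE"}},
    {"id": "wong_s",    "profiles": {"MSG_CREATE", "MSG_AUTHORISE"}},
    {"id": "ng_p",      "profiles": {"MSG_AUTHORISE", "BKE_ADMIN"}},
    {"id": "svc_batch", "profiles": {"MSG_CREATE"}},
]

# Permission list signed off by the SWIFT Security Officers: (operator, profile).
APPROVED = {
    ("lee_m", "MSG_CREATE"), ("chan_k", "MSG_AUTHORISE"),
    ("wong_s", "MSG_CREATE"), ("wong_s", "MSG_AUTHORISE"), ("ng_p", "MSG_AUTHORISE"),
}

# Profile combinations one person must never hold together (4-eyes principle).
CONFLICTING = [frozenset({"MSG_CREATE", "MSG_AUTHORISE"})]


def audit_operators(hr, operators, approved, as_of):
    """Return a list of (operator, finding) strings for the review file."""
    findings = []
    for op in operators:
        person = hr.get(op["id"])
        if person is None:
            findings.append((op["id"], "operator not on the HR list"))
        elif person["status"] == "left" and person["left_on"] <= as_of:
            findings.append((op["id"], "leaver (left %s) still has an operator account"
                             % person["left_on"]))
        for conflict in CONFLICTING:
            if conflict <= op["profiles"]:
                findings.append((op["id"], "holds %s together: breaks the 4-eyes principle"
                                 % " and ".join(sorted(conflict))))
        for profile in sorted(op["profiles"]):
            if (op["id"], profile) not in approved:
                findings.append((op["id"], "profile %s not approved by the Security Officers"
                                 % profile))
    # Approvals with no matching operator are stale entries to clean up.
    ids = {op["id"] for op in operators}
    for op_id, profile in sorted(approved):
        if op_id not in ids:
            findings.append((op_id, "approved profile %s has no matching operator" % profile))
    return findings


if __name__ == "__main__":
    for who, what in audit_operators(HR, OPERATORS, APPROVED, "2007-11-13"):
        print("%-10s %s" % (who, what))
```

Run against the constructed data this reports chan_k as a leaver with a live account, wong_s as a 4-eyes conflict, ng_p holding an unapproved BKE_ADMIN profile, and svc_batch both absent from HR and unapproved; lee_m produces nothing. The last case is the one to think about on a real system: service accounts are never on an HR list, so the exception list for them has to be owned by someone, or the check becomes noise that gets ignored.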

Slide 55

SWIFT Education programmes

- SWIFT Audit Guidelines: a 2 day training programme for Auditors
- For the training schedule see www.swift.com

Slide 56

Thank you