An introduction to SwiftNET


  • SwiftNET: The high-level overview you always wanted.

    Rishabh Dangwal, Consultant, KPMG Cyber Security

    www.theprohack.com | Twitter : @prohack | [email protected]

  • Agenda

    Understanding SwiftNET: Introduction, Organizational Structure, Partners

    SwiftNET Messaging Architecture, Services

    SwiftNET Modules: FIN, InterACT, FileACT, Browse

    SwiftNET Ancient Architecture

    SwiftNET Contemporary Architecture

  • Introduction

    Society for Worldwide Interbank Financial Telecommunications.

    Formed because TELEX (& older systems) lacked speed and security and were cumbersome.

    Started with 230 banks in 5 countries, now used by 10000 institutions in 212 countries.

    Its ancient network was replaced with a packet-switched X.25 network, which in turn was migrated to an IP network (SwiftNET).

    24 million daily messages, comprising 48% payment messages, 46% securities messages, and the remainder treasury, trade and system messages.

    SWIFT takes full liability for each message once it has accepted it.

    99.999 % reliability (YAY!)

  • SWIFT operates a number of services, primarily: General Purpose Application, Financial Application

    Initial Objective: To create a central point for passing secure and standardized messages coming from banks that are mainly interested in payment messages.

    Today over 200 different SWIFT messages exist, including Credit and Debit Instructions, Buy and Sell Orders, Documentary Credits, Collections, Guarantees, interbank transfers, etc.

    Introduction Cont..

  • Additionally, SWIFT provides a number of services* that are charged for over and above the normal fees. A few of these are:

    IFT (Interbank File Transfer), ACCORD, Directory Services, RTGS

    Users are charged based on character length (unit lengths of 325, 750, or 1950) or by message type.

    The charges also vary depending on volume tier.

    *more on this later

    Introduction Cont..

  • courtesy of Swift.com

    SwiftNET Organizational Structure

  • SwiftNET Partners

    Business partners: Over the years SWIFT has built a network of external partner companies who act in selected countries or regions on SWIFT's behalf, called SWIFT business partners.

    North America: S.I.D.E. America Corp; Middle East & Gulf Region: Eastern Networks Dubai; Balkan countries: CiS d.o.o. Serbia & Montenegro; etc.

    Network partners: SWIFT has adopted a multi-vendor model for its secure IP network (SIPN). The new architecture uses state-of-the-art security and ensures highest resilience and lowest risk. The key aspect of this architecture is the co-existence of multiple IP network partners.

    SWIFT uses four network partners, each with a standard offering of managed IP-VPN services:

    AT&T, BT Infonet, Colt Telecom, Orange Business Services

  • SwiftNET offers four modules or messaging services:

    SwiftNET FIN: Standard store & forward messaging for single instructions

    SwiftNET InterACT: Interactive message exchange between two parties

    SwiftNET FileACT: Interactive exchange of files between two parties

    SwiftNET Browse: Provides HTTPS-based access to visual content on web servers from desktops

    SwiftNET Services

  • [Diagram: Bank A and Bank B, each with a CBS and a Swift Interface, alongside the Central Swift Interface and the Information & Control Module (ICM). SwiftNET service labels: SwiftFIN; FIN Copy; FileACT (real time reporting); SwiftNET Browse (visualization of information); InterACT (real time cash reporting).]

    SwiftNET Messaging Architecture

  • Enables the exchange of messages with the traditional SWIFT MT standards.

    MT is short for Message Type and all SWIFT messages start with MT.

    This is then followed by a 3 digit number.

    The first digit represents the Category. A category denotes messages grouped together because they all relate to particular financial instruments or services.

    Group Messages:

    MT0nn System Messages

    MT1nn Customer Payments

    MT2nn Financial Institution Transfers

    MT3nn FX, Money Market & Derivatives

    MT4nn Collections and cash letters

    MT5nn Securities Markets

    MT6nn Precious Metals & Syndications /GOLD

    MT7nn Documentary Credits & Guarantees

    MT8nn Travellers Cheques

    MT9nn Cash Management & Customer Status

    SwiftNET FIN

  • The second digit represents the Group, denoting that the messages are related to similar parts of a transaction's lifecycle.

    MT200 Financial Institution Transfer, Own Account

    MT202 Financial Institution Transfer, Third Party

    MT521 Receive (Securities) Against Payment

    MT523 Deliver (Securities) Against Payment

    The last digit is the Type and denotes the individual message. There are several hundred message types across the categories in total. A special subset of messages is known as the Common Group because the last two digits represent the same message in each category.

    MTn99 Free format

    MT299 Free format relating to transfers

    MT599 Free format relating to securities

    MT999 General free format

    SwiftNET FIN Cont..

  • 1. Payment Instruction (Swift Code: MT103, 103+, 202, 204*)

    2. Settlement request (Swift Code: MT096)

    3. Settlement response (Swift Code: MT097)

    4. Approved / Settled. Payment Instruction received

    5. Sender / receiver notification and reporting (Swift Code: MT012, MT019, MT900, MT910, MT940, MT950)

    [Diagram: Y-Copy payment order flow between Bank A, Bank B, the SWIFT Interface and SwiftNET FIN, with arrows numbered 1 to 5 matching the steps above.]

    SwiftNET FIN Cont..
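
Added example (not part of the original slides): a Python sketch that splits an MT identifier into the category, group and type digits described on the FIN slides, then checks a message trail against the Y-Copy step order listed above. The event tuples, transaction references and function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Category names as listed on the FIN slide (first digit of the MT number).
CATEGORIES = {
    "0": "System Messages", "1": "Customer Payments",
    "2": "Financial Institution Transfers",
    "3": "FX, Money Market & Derivatives",
    "4": "Collections and cash letters", "5": "Securities Markets",
    "6": "Precious Metals & Syndications",
    "7": "Documentary Credits & Guarantees",
    "8": "Travellers Cheques", "9": "Cash Management & Customer Status",
}
# Y-Copy step for each message type named on the slide (step 4 has no MT code).
STEP = {"103": 1, "202": 1, "204": 1, "096": 2, "097": 3,
        "012": 5, "019": 5, "900": 5, "910": 5, "940": 5, "950": 5}

def parse_mt(name):
    """Split 'MT202' into category, group digit, type digit, free-format flag."""
    # A trailing '+' (as in the slide's "103+") is accepted and ignored.
    m = re.fullmatch(r"MT(\d)(\d)(\d)\+?", name.strip().upper())
    if not m:
        raise ValueError(f"not an MT identifier: {name!r}")
    cat, group, typ = m.groups()
    return {"number": cat + group + typ, "category": CATEGORIES[cat],
            "group": group, "type": typ, "free_format": group + typ == "99"}

def ycopy_findings(events):
    """events: (reference, MT name) in arrival order. Return ordering gaps."""
    seen = defaultdict(set)
    findings = []
    for ref, name in events:
        step = STEP.get(parse_mt(name)["number"])
        if step is None:
            continue  # not part of the Y-Copy flow shown on the slide
        missing = [s for s in (1, 2, 3) if s < step and s not in seen[ref]]
        if missing:
            findings.append((ref, name, missing))
        seen[ref].add(step)
    return findings

# Constructed sample (assumed format): TX1 follows the slide's order,
# TX2 reaches notification without a settlement request or response.
SAMPLE = [("TX1", "MT103"), ("TX1", "MT096"), ("TX1", "MT097"),
          ("TX1", "MT910"), ("TX2", "MT202"), ("TX2", "MT900")]

if __name__ == "__main__":
    for finding in ycopy_findings(SAMPLE):
        print(finding)
```

A notification that arrives without the earlier settlement steps on record is the kind of gap a reconciliation job over interface logs would surface for review.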

  • SwiftNET InterAct Q&R: interactive exchange of information for messages that are time-critical and need an instant response

    New message types will be introduced as ISO XML messages for SwiftNET InterAct : cash management standards

    Access to the web server through SwiftNET Interact:

    Managing the payments queue

    Liquidity management

    Management of reservation and limits

    SwiftNET InterACT

  • Authenticity, integrity, confidentiality, non-repudiation.

    Flexible central routing.

    Any type of file up to 250Mb, compression supported.

    Store & Forward mode: Typically used to reach a large number of counterparties.

    Realtime mode: Happens for direct person-to-application transactions.

    [Diagram: FileACT exchange between Bank A and Bank B: realtime initiate file transfer, realtime transfer files, optional file delivery notification.]

    SwiftNET FileACT

  • Secured with SwiftNET PKI (managed certificates)

    Encryption, authentication and integrity control

    Non-repudiation

    Closed user group control

    SIPN

    SwiftNET FileACT Cont..

  • SwiftNET Browse enables secure browser-based access (over SIPN) from an operator using a standard browser and SWIFT Alliance WebStation to a service provider's web server.

    It also allows InterAct or FileAct exchanges to be initiated via a secure browser link. Through this, sensitive data is exchanged as per the security & reliability norms of SwiftNET, while preserving the benefits of a browser-based environment.

    [Diagram: Bank A (Alliance Workstation) connects via Browse over SwiftNET to the Service Provider Server.]

    HTTPS authenticates the system of the end user.

    InterACT / FileACT authenticates the end user using SwiftNET PKI certificates.

    SwiftNET Browse

  • HLD courtesy of Swift.com

    SwiftNET Architecture : Ancient Network

  • HLD courtesy of Swift.com

    SwiftNET Architecture : SwiftNET

  • Questions? SuperZAP me at [email protected]

  • Thank You!

    Rishabh Dangwal, Consultant, KPMG Cyber Security

    www.theprohack.com | Twitter : @prohack | [email protected]
