Key Security features of SWIFT Financial Messaging

Key Security features of SWIFT financial messaging and what it means for auditing an institution's SWIFT operations

Daniel De Weyer
SWIFT Senior Relationship Manager
ISACA Hong Kong
13 November 2007
ISACA 2007

Agenda
1. Who is SWIFT
2. Connecting to SWIFT: access models, interfaces and resiliency
3. Security environment
4. The FIN service: message security and monitoring
5. Summary elements in the scope of a SWIFT operations audit
1. Who is SWIFT

Who is SWIFT?
– A co-operative organisation serving the financial services industry
– A provider of highly secure financial messaging services
– The financial standardisation body
‘Serving you to serve your customer’

SWIFTNet - Single window access to the financial world
[Diagram: SWIFTNet FIN at the centre, surrounded by market infrastructures (single window access to MIs), enabling the community, SWIFTSolutions, extended client reach and harnessing business process modelling; caption: standards, platform, community]
© S.W.I.F.T. SCRL 2002
2. Connecting to SWIFT: access models, interfaces and resiliency

Multi Vendor architecture overview
[Diagram: customer premises (Customer A and Customer B, an M-CPE with VPN box, a modem/TA for dial-up) connect over local loops to the access networks of Network Partner 1, Network Partner 2 and Network Partner 3 (each with its own backbone, access points or POP, and VPN box), which feed the SIPN backbone network and the OPCs]

MV-SIPN: the co-existence of network partners

Direct Connectivity
[Chart placing the connectivity options on cost and functionality axes, from Dual-I ISP (dial-up) and Dual-I DSL through Dual-I and Multi-Line (single-P's) up to Dual-P; network partner shown: Orange Business Services (ex Equant)]
SWIFT Platform Overview
[Layer diagram: Application & Desktop layer (financial application, browser, SA-Workstation, automation); Messaging layer (FIN interface, SWIFTAlliance Access/Entry, SWIFTAlliance Gateway, SAM, SAB, CLS gateway, MQ, carrying MT, MX and FpML flows); Communication layer (VPN box); Network layer & SWIFTNet services]

SWIFTAlliance Gateway - Example: highly resilient configuration
[Diagram: Site 1 and Site 2, each with a FIN interface, CLS gateway, SAB and a SWIFTAlliance Gateway (SAG 1, SAG 2) reached over RA connections and MQ; SAG carries Browse, FileAct, InterAct and SAG administration for the SA-Webstation, financial applications, service-specific interfaces and an app web server; SWIFTNet Mail is reached from an e-mail client through an e-mail server in the DMZ; Dual-P connectivity sits in the DMZ; SWIFTNet RMA is shown among the SWIFTNet services. Legend: primary route(s), secondary route, cold-backup route]
SWIFTAlliance Access / Workstation - Integration into SWIFTAlliance Gateway
[Diagram: user applications reach SWIFTNet through SWIFTAlliance Gateway (SNL and SNL API) via the SAG API with its RAHA, WSHA and MQHA host adapters, via the IBM MQ API, via FTA/FTI (including the FTI command line) and via TDA with SOAP over HTTPS; "SWIFTNet unaware" applications use InterAct & FileAct through SAG, with FileAct managed by SAG; the IBM MQ API path for InterAct & FileAct is marked "New 6.0"]
SWIFTAlliance WebStation
Browser-based SWIFTNet Interface
– includes SNL running in browser
– includes SWIFTNet administrative GUIs
Focus on person-to-application communications
Only client role (cannot be called by a Requestor)
[Diagram: the WebStation acts as InterAct/FileAct client, sending a request to the server and receiving its reply]

SWIFTAlliance Access - Integration into SWIFTAlliance Access
[Diagram: user applications integrate with SWIFTAlliance Access through the ADK APIs, CAS (including self-made CAS text), the CASmf APIs, AFT, and MQSA over the IBM MQ APIs]
SWIFTAlliance WebStation
Two ways to install SWIFTAlliance WebStation:
– (1) Directly connected to the network
– (2) Connected to the network via SWIFTAlliance Gateway
Supports two types of solutions
– Browsing solution
– Service specific workstation: additional software must be installed locally for GUI functionality
[Diagram: (1) WebStation over https straight to the SIPN; (2) WebStation through the SAG SNL; in both cases the WebStation is the InterAct/FileAct client sending the request and the service is the server sending the reply]
SWIFTAlliance Messenger - Functional Overview
– Part of the SWIFTAlliance WebStation GUI (browser), alongside PKI management, managing SAG and file transfer
– Browser based message entry facility for both “MX” and “MT” messages
– Verification [MT], and authorisation of messages in line with the SAA 4-eyes principle configuration
– Querying recent and archived messages
– Validates the input messages before submitting them, and assists the user in correcting errors
– On line help facility
– Message printing facility
– Offers functionality to create and share re-usable templates
– Can be customized to corporate look and feel
[Screenshot: SWIFTAlliance Messenger welcome screen]

3. Security environment
SWIFTNet messaging services
SWIFTNet FIN
– Messages with MT standards and rules
– Store-and-forward
– Feature-rich
SWIFTNet InterAct
– Messages and query-and-response
– MX standards (XML-based) and rules
– Store-and-forward and real-time
SWIFTNet FileAct
– File transfer for data intensive applications
– Standards and rules
– Store-and-forward and real-time
SWIFTNet Browse
– Secure browsing
– Complements InterAct, FileAct, and FIN

BKE process flow
[Flow diagram between an Initiator and a Responder; on each side the SCR dialogues with the SWIFT interface]
Initiator: Process BK, generate request -> MT960 BKE initiation
Responder: checks; NOK -> MT964 BKE error message; OK -> MT961 BKE initiation response
Initiator: checks; NOK -> MT964 BKE error message; OK -> Process BK, generate response -> MT962 Key Service Message
  Checks at Initiator's SCR:
  - validates responder's CV,
  - determines the value of its public key
  - creates a new Bilateral key (by using responder's public key)
  - signs the result using initiator's Secret key
Responder: Process BK, receipt-request -> MT963 BKE Key Ack, or MT965 BKE Key error message
  Checks at responder's SCR:
  - determine value of new key,
  - verify signature of initiator's enciphered key (via public key of initiator)
  - decipher enciphered key (via public key of initiator)
  - new (enciphered) bilateral key is returned to interface and stored on disk
Initiator: Process BK, receipt-response; initiator verifies MAC, if OK: update BK file
BKE compared to RMA - new relationship management in 2008
BKE                          RMA
Bilateral                    Unilateral
Renewal                      Permanent
Manual key possible          No manual key possible
FIN                          InterAct store-and-forward
BIC4/6/8                     BIC8 only
No granularity               Granularity
BKE for T&T                  RMA optional for T&T
Previous/Current/Future      Current only
Pre-agreements               No pre-agreements
Weekly distribution          Daily/Real-time distribution

[Diagram: CUST A and CUST B, each with a CBT and an HSM, exchanging FIN traffic; FIN access control security: PKI; FIN user-to-user security: PKI; relationship management: BKE -> RMA]
4. The FIN service: message security and monitoring

Relationship Management Application (RMA)
Managing correspondents in a many-to-many world
– RMA as mechanism to control WHO can send you traffic
Managing the correspondent's business
– RMA as mechanism to control WHAT a correspondent can send to you
Objective: preventing unwanted traffic
Categories of messages
Types of messages
• User to user messages
• System messages
• Service messages

Message categories (the first digit of the MT number)
0 System messages
1 Customer transfers & cheques
2 Financial institutions transfers
3 Foreign exchange, money markets & derivatives
4 Collections & cash letters
5 Securities markets
6 Precious metals & syndications
7 Documentary credits & guarantees
8 Travellers cheques
9 Cash management & customer status
Flow & acknowledgements
[Diagram: Sender -> Input -> SWIFT -> Output -> Receiver; ACK/NAK at input, UAK/UNK at output]

Common group message types
n90 Advice of charges, interest and other adjustments
n91 Request for payment of charges, interest or other expenses
n92 Request for cancellation
n95 Queries
n96 Answers
n98 Proprietary message
n99 Free format
Structure
Order Form
Please pay ....
to ...
from ...
on .....
at ...
for ...
...

Structure - What does a SWIFT message look like?
Screen / SWIFT Network / Printout

Example printout:
--------------------Instance Type and Transmission-----------------
Notification (Transmission) of Original sent to SWIFT (ACK)
Network Delivery Status    : Network Ack
Priority/Delivery          : Normal
Message Input Reference    : 1705 021115KWHKHKHHAXXX0135007653
------------------------------Message Header-----------------------
Swift Input : FIN 103 Single Customer Credit Transfer
Sender      : KWHKHKHHXXX
              Citic Ka Wah Bank
              Hong Kong
Receiver    : BNPAFRPPXXX
              BNP-PARIBAS SA
              (FORMELY BANQUE NATIONALE DE PARIS S.A.)
              Paris, France
MUR : MC12
------------------------------Message Text-------------------------
20:Sender's Reference
    PAY/09
23B:Bank Operation Code
    CRED
32A:Value Date, Currency and Interbank Settled Amount
    Date     : 18 November 2002
    Currency : EUR (EURO)
    Amount   : #65000,#
50K:Ordering Customer
    /123001043212
    MR LEE
    10 QUEENSWAY
    HK-HONG KONG
57A:Account with Institution - BIC
    BNPAFRPPCAN
    BNP-PARIBAS SA (FORMELY BANQUE NATIONALE DE PARIS S.A.)
    CANNES FR
59:Beneficiary Customer
    /12345543210100001M02211
    MR DUPONT
    6 RUE LAFAYETTE
    FR-CANNES
70:Remittance Information
    /INV/52
71A:Details of Charges
    SHA
------------------------------Message Trailer---------------------
{MAC:098446CF}
{CHK:45946964876B}
An example of the header of a payment message: MT 103
[Series of screenshots showing the MT 103 header blocks; the slides carry no further text]

Delivery monitoring options
[Timeline diagram for an MT 103 (or MT 541) sent with priority/delivery monitoring U3: KWHKHKHH inputs the message at 10 AM (3 AM at BNPAFRPP); the network ACK (MT010) is returned at 10.15 / 03.15; the UAK (MT011) follows at 15.00 / 08.00]

An example of the text of a payment message: MT 103
[Screenshot of the MT 103 text block]
Format MT 103 - Single Customer Credit Transfer
M/O   Tag   Field Name                                      Content/Options
M     20    Sender's Reference                              16x
O     13C   Time Indication (repetitive)                    /8c/4!n1!x4!n
M     23B   Bank Operation Code                             4!c
O     23E   Instruction Code (repetitive)                   4!c[/30x]
O     26T   Transaction Type Code                           3!a
M     32A   Value Date/Currency/Interbank Settled Amount    6!n3!a15d
O     33B   Currency/Instructed Amount                      3!a15d
O     36    Exchange Rate                                   12d
M     50a   Ordering Customer                               A or K
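The Content/Options column uses the SWIFT field-format notation: a length, an optional "!" meaning exactly that length, and a character class (n digits, a upper-case letters, c upper-case alphanumeric, x the SWIFT character set, d a decimal with a mandatory comma), plus literal "/" delimiters and optional groups in square brackets. The Python below is an added example, not SWIFT's or any interface vendor's code: it compiles that notation into a regular expression and checks the subset of MT 103 fields listed in the table. The tag/format pairs come from the table; the name MT103_FORMATS, the sample values, and the reading of "15d" as "digits, one comma, at most 15 characters in total" are my assumptions.

```python
import re

# Character classes of the SWIFT field-format notation (standard FIN meaning).
CHAR_CLASSES = {
    "n": "[0-9]",                        # digits only
    "a": "[A-Z]",                        # upper-case letters
    "c": "[A-Z0-9]",                     # upper-case alphanumeric
    "x": r"[A-Za-z0-9/\-?:().,'+ ]",     # the SWIFT "x" character set
}

# One notation token: an optional [...] group, a literal "/", or <length>[!]<class>.
_TOKEN = re.compile(r"(\[[^\]]*\])|(/)|(\d+)(!?)([nacxd])")


def _body(notation):
    """Translate a notation string such as '6!n3!a15d' into an unanchored regex."""
    out, pos = [], 0
    while pos < len(notation):
        m = _TOKEN.match(notation, pos)
        if m is None:
            raise ValueError(f"unsupported notation at {notation[pos:]!r}")
        pos = m.end()
        optional, slash, count, fixed, cls = m.groups()
        if optional:                      # [...] : the whole group may be absent
            out.append(f"(?:{_body(optional[1:-1])})?")
        elif slash:                       # literal delimiter
            out.append("/")
        elif cls == "d":                  # decimal: digits, one mandatory comma, at most N chars (assumed reading)
            out.append(rf"(?=[0-9,]{{1,{int(count)}}}(?:[^0-9,]|$))[0-9]+,[0-9]*")
        else:                             # "!" = exactly N characters, otherwise 1..N
            quant = f"{{{int(count)}}}" if fixed else f"{{1,{int(count)}}}"
            out.append(CHAR_CLASSES[cls] + quant)
    return "".join(out)


def validate_field(notation, value):
    """True if `value` satisfies the field format `notation`."""
    return re.fullmatch(_body(notation), value) is not None


# Subset of the MT 103 table above: tag -> (mandatory?, notation).  Name is my own.
MT103_FORMATS = {
    "20":  (True,  "16x"),
    "13C": (False, "/8c/4!n1!x4!n"),
    "23B": (True,  "4!c"),
    "23E": (False, "4!c[/30x]"),
    "26T": (False, "3!a"),
    "32A": (True,  "6!n3!a15d"),
    "33B": (False, "3!a15d"),
    "36":  (False, "12d"),
}


def check_mt103_fields(fields):
    """Return findings for a {tag: value} dict; an empty list means the subset is clean."""
    findings = []
    for tag, (mandatory, notation) in MT103_FORMATS.items():
        if tag not in fields:
            if mandatory:
                findings.append(f"mandatory field {tag} missing")
            continue
        if not validate_field(notation, fields[tag]):
            findings.append(f"field {tag} value {fields[tag]!r} does not match {notation}")
    return findings


if __name__ == "__main__":
    # Constructed input: the three mandatory fields of the MT 103 shown on the slides.
    print(check_mt103_fields({"20": "PAY09", "23B": "CRED", "32A": "021118EUR65000,"}))
```

The validator is deliberately strict about the comma in "d" fields and about upper case in "a"/"c" fields, which is where hand-keyed or poorly converted messages most often fail network validation; an interface that validates before submission (as the Messenger slide describes) is applying rules of exactly this shape.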
Input payments message - SWIFT network block structure
Headers
1. Basic Header Block
2. Application Header Block
3. User Header Block
Text
4. Text Block
Trailers
5. Trailer Block
Example of printout (input message, ACK):
--------------------Instance Type and Transmission-----------------
Notification (Transmission) of Original sent to SWIFT (ACK)
Network Delivery Status    : Network Ack
Priority/Delivery          : Urgent/Non-Deliv Warning & Deliv Notif
Message Input Reference    : 1705 021115KWHKHKHHAXXX0135007653
------------------------------Message Header-----------------------
Swift Input : FIN 103 Single Customer Credit Transfer
Sender      : KWHKHKHHXXX
              Citic Ka Wah Bank
              Hong Kong
Receiver    : BNPAFRPPXXX
              BNP-PARIBAS SA
              (FORMELY BANQUE NATIONALE DE PARIS S.A.)
              Paris, France
MUR : MC12
------------------------------Message Text-------------------------
20:Sender's Reference
    PAY/09
23B:Bank Operation Code
    CRED
32A:Value Date,Currency and Interbank Settlement Amount
    Date     : 18 November 2002
    Currency : EUR (EURO)
    Amount   : #65000,#
50K:Ordering Customer
    /123001043212
    MR LEE
    10 QUEENSWAY
    HK-HONG KONG
57A:Account with Institution - BIC
    BNPAFRPPCAN
    BNP-PARIBAS SA (FORMELY BANQUE NATIONALE DE PARIS S.A.)
    CANNES FR
59:Beneficiary Customer
    /12345543210100001M02211
    MR DUPONT
    6 RUE LAFAYETTE
    FR-CANNES
70:Remittance Information
    /INV/52
71A:Details of Charges
    SHA
------------------------------Message Trailer---------------------
{MAC:098446CF}
{CHK:45946964876B}
Example of printout (original received from SWIFT):
--------------------Instance Type and Transmission-----------------
Original received from SWIFT
Priority                      : Urgent
Message Output Reference      : 0806 021115BNPAFRPPAXXX0987012098
Correspondent Input Reference : 1705 021115KWHKHKHHAXXX0135007653
------------------------------Message Header-----------------------
Swift Input : FIN 103 Single Customer Credit Transfer
Sender      : KWHKHKHHXXX
              Citic Ka Wah Bank
              Hong Kong
Receiver    : BNPAFRPPXXX
              BNP-PARIBAS SA
              (FORMELY BANQUE NATIONALE DE PARIS S.A.)
              Paris, France
MUR : MC12
------------------------------Message Text-------------------------
20:Sender's Reference
    PAY/09
23B:Bank Operation Code
    CRED
32A:Value Date,Currency and Interbank Settlement Amount
    Date     : 18 November 2002
    Currency : EUR (EURO)
    Amount   : #65000,#
50K:Ordering Customer
    /123001043212
    MR LEE
    10 QUEENSWAY
    HK-HONG KONG
57A:Account with Institution - BIC
    BNPAFRPPCAN
    BNP-PARIBAS SA (FORMELY BANQUE NATIONALE DE PARIS S.A.)
    CANNES FR
59:Beneficiary Customer
    /12345543210100001M02211
    MR DUPONT
    6 RUE LAFAYETTE
    FR-CANNES
70:Remittance Information
    /INV/52
71A:Details of Charges
    SHA
------------------------------Message Trailer---------------------
{MAC:098446CF}
{CHK:45946964876B}
The same MT 103 in SWIFT network block format:
{1:F01KWHKHKHHAXXX0135007653}
{2:I103BNPAFRPPXXXXU3003}
{3:{108:MC12}}
{4:
:20:PAY09
:23B:CRED
:32A:021118EUR65000,
:50K:/123001043212
MR LEE
10 QUEENSWAY
HK-HONG KONG
:57A:BNPAFRPPCAN
:59:/12345543210100001M02211
MR DUPONT
6 RUE LAFAYETTE
FR-CANNES
:70:/INV/52
:71A:SHA
-}
{5:{MAC:DB347698}
{CHK:76543BA90123}}
Message referencing
• Sender's Reference (field 20) (16x)
• MUR: Message User Reference (16x)
• MIR: Message Input Reference
• MOR: Message Output Reference

MIR: Message Input Reference
041115 KWHKHKHHAXXX 0135 007653
Input date / Sender's address / Session number / ISN

MOR: Message Output Reference
041115 BNPAFRPPAXXX 0987 012098
Output date / Receiver's address / Session number / OSN
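The block layout shown above ({1:...}{2:...}{3:...}{4:...-}{5:...}) and the MIR/MOR layout on this slide are regular enough to parse mechanically, which is what an interface or an audit script does when it reconciles input and output references. The Python below is an added example, not SWIFT's nor any Alliance product's code: it splits a FIN message into its five blocks, decodes the basic header (sender LT address, session number and sequence number, i.e. the same components a MIR carries) and the application header (including the priority/delivery-monitoring flags of the U3 example from the delivery monitoring slide), collects the text fields and trailers, and decomposes a MIR or MOR into date, address, session number and ISN/OSN. Assumptions: the sample message is the slide's MT 103 re-joined with CRLF line ends; the output-form block 2 layout (input time, MIR, output date, output time, priority) and the audit_findings checks are mine, not taken from the slides.

```python
import re

# Constructed sample: the MT 103 from the slides, re-joined with CRLF line ends in block 4.
SAMPLE_INPUT = (
    "{1:F01KWHKHKHHAXXX0135007653}{2:I103BNPAFRPPXXXXU3003}{3:{108:MC12}}"
    "{4:\r\n:20:PAY09\r\n:23B:CRED\r\n:32A:021118EUR65000,\r\n"
    ":50K:/123001043212\r\nMR LEE\r\n10 QUEENSWAY\r\nHK-HONG KONG\r\n:57A:BNPAFRPPCAN\r\n"
    ":59:/12345543210100001M02211\r\nMR DUPONT\r\n6 RUE LAFAYETTE\r\nFR-CANNES\r\n"
    ":70:/INV/52\r\n:71A:SHA\r\n-}{5:{MAC:DB347698}{CHK:76543BA90123}}"
)
PRIORITY = {"S": "system", "N": "normal", "U": "urgent"}
DELIVERY_MONITORING = {"": "none", "1": "non-delivery warning", "2": "delivery notification",
                       "3": "non-delivery warning and delivery notification"}

def split_blocks(raw):
    """Return {block id: content} for the top-level {n:...} blocks, honouring nesting."""
    blocks, i = {}, 0
    while i < len(raw):
        if raw[i] != "{":                 # skip line ends between blocks
            i += 1
            continue
        depth = 0
        for j in range(i, len(raw)):      # walk to the matching close brace
            depth += (raw[j] == "{") - (raw[j] == "}")
            if depth == 0:
                break
        else:
            raise ValueError("unbalanced braces in message")
        ident, _, content = raw[i + 1:j].partition(":")
        blocks[ident] = content
        i = j + 1
    return blocks

def _match(pattern, text, what):
    m = re.fullmatch(pattern, text)
    if m is None:
        raise ValueError(f"malformed {what}: {text!r}")
    return m.groups()

def parse_reference(ref, kind="MIR"):
    """Split a MIR/MOR into date, LT address, session number and ISN/OSN (slide layout)."""
    date, address, session, seq = _match(r"(\d{6})([A-Z0-9]{12})(\d{4})(\d{6})",
                                         ref.replace(" ", ""), kind)
    return {"date": date, "address": address, "session": session,
            "ISN" if kind == "MIR" else "OSN": seq}

def parse_basic_header(b1):
    """Block 1: application id, service id, sender LT address, session, sequence number."""
    keys = ("application", "service", "lt_address", "session", "sequence")
    return dict(zip(keys, _match(r"([A-Z])(\d{2})([A-Z0-9]{12})(\d{4})(\d{6})", b1, "block 1")))

def parse_application_header(b2):
    """Block 2 in input form (I...) or, by my assumption of its layout, output form (O...)."""
    m = re.fullmatch(r"I(\d{3})([A-Z0-9]{12})([SNU])([123]?)(\d{3})?", b2)
    if m:
        mt, receiver, prio, mon, obs = m.groups()
        return {"direction": "input", "mt": mt, "receiver": receiver, "priority": PRIORITY[prio],
                "delivery_monitoring": DELIVERY_MONITORING[mon], "obsolescence": obs}
    mt, in_time, mir, out_date, out_time, prio = _match(
        r"O(\d{3})(\d{4})([A-Z0-9]{28})(\d{6})(\d{4})([SNU])", b2, "block 2")
    return {"direction": "output", "mt": mt, "input_time": in_time, "mir": parse_reference(mir),
            "output_date": out_date, "output_time": out_time, "priority": PRIORITY[prio]}

def parse_text_block(b4):
    """Block 4: ':tag:value' starts a field; any other line continues the previous one."""
    fields = []
    for line in b4.strip().splitlines():
        if line == "-":                   # end-of-text marker
            continue
        m = re.fullmatch(r":(\d{2}[A-Z]?):(.*)", line)
        if m:
            fields.append([m.group(1), m.group(2)])
        elif fields:
            fields[-1][1] += "\n" + line
        else:
            raise ValueError(f"text outside a field: {line!r}")
    return [tuple(f) for f in fields]     # a list, since some MTs repeat a tag

def parse_sub_blocks(content):
    """Blocks 3 and 5 hold {tag:value} sub-blocks such as {108:MC12} or {MAC:...}."""
    return dict(re.findall(r"\{([A-Z0-9]+):([^}]*)\}", content))

def parse_fin_message(raw):
    blocks = split_blocks(raw)
    return {"basic": parse_basic_header(blocks["1"]),
            "application": parse_application_header(blocks["2"]),
            "user": parse_sub_blocks(blocks.get("3", "")),
            "fields": parse_text_block(blocks["4"]),
            "trailers": parse_sub_blocks(blocks.get("5", ""))}

def audit_findings(msg):
    """Example checks (mine): both trailers present, and an urgent input message
    carries delivery monitoring, as the U3 option on the slides does."""
    findings = [f"missing {t} trailer" for t in ("MAC", "CHK") if t not in msg["trailers"]]
    app = msg["application"]
    if app["direction"] == "input" and app["priority"] == "urgent" \
            and app["delivery_monitoring"] == "none":
        findings.append("urgent input message without delivery monitoring")
    return findings
```

Parsing the basic header of the input message yields session 0135 and sequence 007653, exactly the session number and ISN that appear in the slide's MIR 021115KWHKHKHHAXXX0135007653; reconciling those two against the MOR in the receiver's copy is the mechanical part of the delivery-monitoring check listed in the audit summary.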
5. Summary elements in the scope of a SWIFT operations audit

Summary elements of a SWIFT audit
– Check SWIFT system configuration for links, back-up, contingency
– Reports on contingency and BCP tests
– Physical access procedures to SWIFT room
– Release management
– Check operator permission lists with SWIFT Security Officers
– Match HR lists to operators in SWIFT interface
– BKE refresh procedures
– Check procedures for delivery monitoring
– Archiving procedures
– MIS statistics of average number of messages IN/OUT, average value

SWIFT Education programmes
SWIFT Audit Guidelines: a 2 day training programme for Auditors
For training schedule see: www.swift.com

Thank you