www.swift.com © S.W.I.F.T. SCRL 2002
Slide 1
Key security features of SWIFT financial messaging and what it means for auditing an institution's SWIFT operations
Daniel De Weyer, SWIFT Senior Relationship Manager
ISACA Hong Kong, 13 November 2007
Slide 2
ISACA 2007
Agenda
1. Who is SWIFT
2. Connecting to SWIFT: access models, interfaces and resiliency
3. Security environment
4. The FIN service: message security and monitoring
5. Summary elements in the scope of a SWIFT operations audit
Slide 3
Who is SWIFT?
A co-operative organisation serving the financial services industry
A provider of highly secure financial messaging services
The financial standardisation body
Slide 4
SWIFTNet: single window access to the financial world
(Diagram: SWIFT Solutions built on standards, platform and community; SWIFTNet FIN; harnessing business process modelling; enabling the community, 'serving you to serve your customer'; extended client reach; single window access to market infrastructures (MIs).)
Slide 5
Agenda (repeated; section 2, Connecting to SWIFT: access models, interfaces and resiliency, follows)
Slide 6
Multi-vendor architecture overview
(Diagram, from customer premises to backbone: Customer A and Customer B connect through a VPN box, or a modem/TA for dial-up, and M-CPE; the access networks and local loops are provided by Network Partners 1, 2 and 3 through their POPs; these reach the SIPN backbone network through the backbone access points and OPCs.)
Slide 7
MV-SIPN: the co-existence of network partners
(Diagram of the network partners; Orange Business Services (ex Equant) is named.)
Slide 8
Direct connectivity
(Chart plotting cost against functionality for the direct connectivity options: dial-up, Dual-I, Dual-I DSL, Dual-I ISP, Multi-Line (Single-P's) and Dual-P.)
Slide 9
SWIFT platform overview
(Diagram of the layers and products: the application and desktop layer (financial application, browser, SA-Workstation, SA-Webstation for Browse, FileAct, InterAct and SAG administration, e-mail client); the messaging layer (SWIFTAlliance Access / Entry with automation and RMA, SAM, application web server, e-mail server for SWIFTNet Mail); the communication layer (SWIFTAlliance Gateway, service specific interface, VPN box); and the network layer and SWIFTNet services (SWIFTNet). The message standards shown between the layers are MT, MX and FpML.)
Slide 10
SWIFTAlliance Gateway, example of a highly resilient configuration
(Diagram: Site 1 and Site 2, each with a DMZ hosting a SWIFTAlliance Gateway (SAG 1, SAG 2) with Dual-P connectivity, and behind it a CLS gateway, a FIN interface, SAB and RA/MQ components. Legend: primary route(s), secondary route, cold-backup route.)
Slide 11
Integration into SWIFTAlliance Gateway
(Diagram of the ways a user application integrates with SAG: directly through the SNL API (SNL); through MQHA using the IBM MQ API; through RAHA using the SNL API and the SAG API; through the FTI/FTA file transfer command line; through TDA using the IBM MQ API for SWIFTNet-unaware applications, with InterAct and FileAct managed by SAG; and, new in 6.0, through WSHA using SOAP over HTTPS for InterAct and FileAct.)
Slide 12
SWIFTAlliance Access / Workstation
Slide 13
Integration into SWIFTAlliance Access
(Diagram: user applications integrate with SWIFTAlliance Access through MQSA (IBM MQ APIs), the ADK APIs, AFT file transfer, CASmf (CASmf APIs), CAS, or self-made CAS text.)
Slide 14
SWIFTAlliance WebStation
Browser-based SWIFTNet interface
– includes SNL running in browser
– includes SWIFTNet administrative GUIs
Focus on person-to-application communications
Only client role (cannot be called by a Requestor)
(Diagram: InterAct/FileAct request and reply between the WebStation client and a server.)
Slide 15
SWIFTAlliance WebStation
Supports two types of solutions
– Browsing solution
– Service specific workstation: additional software must be installed locally for GUI functionality
(Diagram: InterAct/FileAct request and reply between client and server over https.)
Slide 16
SWIFTAlliance WebStation
Two ways to install SWIFTAlliance WebStation:
– (1) Directly connected to the network
– (2) Connected to the network via SWIFTAlliance Gateway
(Diagram: in (1) the WebStation reaches the SIPN through its own SNL; in (2) it goes through SAG.)
Slide 17
SWIFTAlliance WebStation GUI
(Screenshots: PKI management, managing SAG, file transfer, browser.)
Slide 18
SWIFTAlliance Messenger functional overview
Browser-based message entry facility for both "MX" and "MT" messages
Verification [MT], and authorisation of messages in line with the SAA 4-eyes principle configuration
Querying recent and archived messages
Validates the input messages before submitting them, and assists the user in correcting errors
On-line help facility
Message printing facility
Offers functionality to create and share re-usable templates
Can be customised to corporate look and feel
Slide 19
SWIFTAlliance Messenger welcome screen (screenshot)
Slide 20
Agenda (repeated; section 3, Security environment, follows)
Slide 21
SWIFTNet messaging services
SWIFTNet FIN
– Messages with MT standards and rules
– Store-and-forward
– Feature-rich
SWIFTNet InterAct
– Messages and query-and-response
– MX standards (XML-based) and rules
– Store-and-forward and real-time
SWIFTNet FileAct
– File transfer for data intensive applications
– Standards and rules
– Store-and-forward and real-time
SWIFTNet Browse
– Secure browsing
– Complements InterAct, FileAct, and FIN
Slide 22
BKE process flow
(Diagram of the exchange between Initiator and Responder; on each side the SCR dialogues with the SWIFT interface.)
Initiator to Responder: MT960 BKE initiation
Responder to Initiator: MT961 BKE initiation response if checks OK, MT964 BKE error message if checks NOK
Initiator, Process BKGenerate request / response. Checks at initiator's SCR:
- validates responder's CV
- determines the value of its public key
- creates a new bilateral key (by using responder's public key)
- signs the result using initiator's secret key
Initiator to Responder: MT962 Key Service Message
Responder, Process BKReceipt-Request / Response. Checks at responder's SCR:
- determine value of new key
- verify signature of initiator's enciphered key (via public key of initiator)
- decipher enciphered key (via public key of initiator)
- new (enciphered) bilateral key is returned to interface and stored on disk
Responder to Initiator: MT963 BKE Key Ack if checks OK, MT965 BKE Key error message if checks NOK
Initiator verifies MAC; if OK: update BK file
Slide 23
BKE compared to RMA
BKE                     | RMA
Bilateral               | Unilateral
Renewal                 | Permanent
Manual key possible     | No manual key possible
FIN                     | InterAct store-and-forward
BIC4/6/8                | BIC8 only
No granularity          | Granularity
BKE for T&T             | RMA optional for T&T
Previous/Current/Future | Current only
Pre-agreements          | No pre-agreements
Weekly distribution     | Daily/Real-time distribution
Slide 24
New relationship management in 2008
(Diagram, customer A's CBT to customer B's CBT, each with an HSM: FIN access control security is based on PKI; FIN user-to-user security and relationship management, both provided by BKE today, move to PKI and RMA respectively.)
Slide 25
Relationship Management Application (RMA)
Managing correspondents in a many-to-many world
– RMA as mechanism to control WHO can send you traffic
Managing the correspondent's business
– RMA as mechanism to control WHAT a correspondent can send to you
Objective: preventing unwanted traffic
Slide 26
Agenda (repeated; section 4, The FIN service: message security and monitoring, follows)
Slide 27
Types of messages
• User to user messages
• System messages
• Service messages
Slide 28
Categories of messages
0 System messages
1 Customer transfers & cheques
2 Financial institutions transfers
3 Foreign exchange, money markets & derivatives
4 Collections & cash letters
5 Securities markets
6 Precious metals & syndications
7 Documentary credits & guarantees
8 Travellers cheques
9 Cash management & customer status
Slide 29
Common group message types
n90 Advice of charges, interest and other adjustments
n91 Request for payment of charges, interest or other expenses
n92 Request for cancellation
n95 Queries
n96 Answers
n98 Proprietary message
n99 Free format
Slide 30
Flow & acknowledgements
(Diagram: the Sender's input to SWIFT is answered with an ACK/NAK; SWIFT's output to the Receiver is answered with a UAK/UNK.)
Slide 31
Structure
(Analogy: an order form, "Please pay ... to ... from ... on ... at ... for ...")
--------------------Instance Type and Transmission------------------
Notification (Transmission) of Original sent to SWIFT (ACK)
Network Delivery Status :Network Ack
Priority/Delivery :Normal
Message Input Reference : 1705 021115KWHKHKHHAXXX0135007653
------------------------------Message Header------------------------
Swift Input : FIN 103 Single Customer Credit Transfer
Sender : KWHKHKHHXXX
Citic Ka Wah Bank
Hong Kong
Receiver : BNPAFRPPXXX
BNP-PARIBAS SA
(FORMELY BANQUE NATIONALE DE PARIS S.A.)
Paris, France
MUR : MC12
------------------------------Message Text--------------------------
20:Sender's Reference
PAY/09
23B:Bank Operation Code
CRED
32A:Value Date, Currency and Interbank Settled Amount
Date :18 November 2002
Currency : EUR (EURO)
Amount : #65000,#
50K:Ordering Customer
/123001043212
MR LEE
10 QUEENSWAY
HK-HONG KONG
57A:Account with Institution - BIC
BNPAFRPPCAN
BNP-PARIBAS SA (FORMELY BANQUE NATIONALE DE PARIS S.A.)
CANNES FR
59:Beneficiary Customer
/12345543210100001M02211
MR DUPONT
6 RUE LAFAYETTE
FR-CANNES
70:Remittance Information
/INV/52
71A:Details of Charges
SHA
------------------------------Message Trailer----------------------
{MAC:098446CF}
{CHK:45946964876B}
Slide 32
Structure
What does a SWIFT message look like?
(Diagram: the same message as seen on screen, on the SWIFT network and on a printout.)
Slide 33
An example of the header of a payment message: MT 103
(Slides 33 to 38 step through the header of the example message; the screenshots are not reproduced here.)
Slide 39
Delivery monitoring options
(Diagram: KWHKHKHH sends an MT 103 or MT 541 with delivery option U3 to BNPAFRPP at 10 AM sender time, 3 AM receiver time. The sender receives an ACK, then a non-delivery warning MT010 at 10.15 (03.15) while the message is still undelivered, and a delivery notification MT011 at 15.00 (08.00) once the receiver's UAK is returned.)
Slide 40
An example of the header of a payment message: MT 103
(Slides 40 to 42 continue the header example; the screenshots are not reproduced here.)
Slide 43
An example of the text of a payment message :
MT 103
Slide 44
Format MT 103 Single Customer Credit Transfer
M/O | Tag | Field Name                                   | Content/Options
M   | 20  | Sender's Reference                           | 16x
O   | 13C | Time Indication                              | /8c/4!n1!x4!n
M   | 23B | Bank Operation Code                          | 4!c
O   | 23E | Instruction Code                             | 4!c[/30x]
O   | 26T | Transaction Type Code                        | 3!a
M   | 32A | Value Date/Currency/Interbank Settled Amount | 6!n3!a15d
O   | 33B | Currency/Instructed Amount                   | 3!a15d
O   | 36  | Exchange Rate                                | 12d
M   | 50a | Ordering Customer                            | A or K
(Table extract; the arrows in the original mark 13C and 23E as repetitive fields.)
Slide 45
Input message, SWIFT network block structure
Headers:
1. Basic Header Block
2. Application Header Block
3. User Header Block
Text:
4. Text Block
Trailers:
5. Trailer Block
Slide 46
Input payments message, SWIFT network block structure
{1:F01KWHKHKHHAXXX0135007653}{2:I103BNPAFRPPXXXXU3003}{3:{108:MC12}}
{4:
:20:PAY09
:23B:CRED
:32A:021118EUR65000,
:50K:/123001043212
MR LEE
10 QUEENSWAY
HK-HONG KONG
:57A:BNPAFRPPCAN
:59:/12345543210100001M02211
MR DUPONT
6 RUE LAFAYETTE
FR-CANNES
:70:/INV/52
:71A:SHA
-}
{5:{MAC:DB347698}{CHK:76543BA90123}}
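As an added example, not code from the page or from SWIFT, a small Python parser for the five-block structure above: it splits the blocks, decodes the basic and application headers, the block 3 and block 5 tags and the block 4 fields (including multi-line fields such as 50K), and checks the mandatory tags from the MT 103 format extract on slide 44. The sample message is constructed from the page's example with the CRLF field separators restored; the key names and the reading of 50a as 50A or 50K are assumptions.

```python
import re
# Constructed from the page's MT 103 example, with the CRLF field separators restored in block 4.
SAMPLE = ("{1:F01KWHKHKHHAXXX0135007653}{2:I103BNPAFRPPXXXXU3003}{3:{108:MC12}}{4:\r\n"
          ":20:PAY09\r\n:23B:CRED\r\n:32A:021118EUR65000,\r\n:50K:/123001043212\r\nMR LEE\r\n"
          "10 QUEENSWAY\r\nHK-HONG KONG\r\n:57A:BNPAFRPPCAN\r\n:59:/12345543210100001M02211\r\n"
          "MR DUPONT\r\n6 RUE LAFAYETTE\r\nFR-CANNES\r\n:70:/INV/52\r\n:71A:SHA\r\n-}"
          "{5:{MAC:DB347698}{CHK:76543BA90123}}")

def split_blocks(msg):
    """{block number: content} for the top-level {n:...} blocks; block 5 nests {MAC:..}{CHK:..}."""
    blocks, i = {}, 0
    while i < len(msg):
        if msg[i] != "{":
            raise ValueError("text outside a block at offset %d" % i)
        depth, j = 1, i + 1
        while depth:                      # walk to the matching close brace (IndexError if unbalanced)
            depth += {"{": 1, "}": -1}.get(msg[j], 0)
            j += 1
        number, _, content = msg[i + 1:j - 1].partition(":")
        blocks[number] = content
        i = j
    return blocks

def parse_basic_header(b1):
    """Block 1: application id, service id, 12-char LT address, session number, sequence number."""
    return {"app_id": b1[0], "service_id": b1[1:3], "lt_address": b1[3:15],
            "session": b1[15:19], "sequence": b1[19:25]}

def parse_app_header(b2):
    """Block 2, input form: direction I, MT type, receiver LT address, priority."""
    return {"direction": b2[0], "mt": b2[1:4], "receiver": b2[4:16], "priority": b2[16]}

def parse_tagged(block):
    """Blocks 3 and 5 hold {tag:value} pairs such as {108:MUR}, {MAC:...}, {CHK:...}."""
    return dict(re.findall(r"\{([^:{}]+):([^{}]*)\}", block))

def parse_text_block(b4):
    """Block 4: ':tag:' starts a field, untagged lines continue it, a lone '-' ends the block."""
    fields = []
    for line in re.sub(r"\r\n-$", "", b4.strip("\r\n")).split("\r\n"):
        if m := re.match(r":(\d{2}[A-Z]?):(.*)", line):
            fields.append([m.group(1), m.group(2)])
        else:
            fields[-1][1] += "\n" + line
    return fields

def missing_mandatory_mt103(fields):
    """Mandatory tags in the slide-44 extract of the MT 103 format: 20, 23B, 32A and 50a (A or K)."""
    tags = {tag for tag, _ in fields}
    return [t for t in ("20", "23B", "32A") if t not in tags] + ([] if tags & {"50A", "50K"} else ["50a"])

def parse_fin(msg):
    b = split_blocks(msg)
    fields = parse_text_block(b["4"])
    return {"basic": parse_basic_header(b["1"]), "app": parse_app_header(b["2"]), "fields": fields,
            "user": parse_tagged(b.get("3", "")), "trailer": parse_tagged(b["5"]),
            "missing": missing_mandatory_mt103(fields)}
```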
Slide 47
--------------------Instance Type and Transmission------------------
Notification (Transmission) of Original sent to SWIFT (ACK)
Network Delivery Status :Network Ack
Priority/Delivery : Urgent/Non-Deliv Warning & Deliv Notif
Message Input Reference: 1705 021115KWHKHKHHAXXX0135007653
------------------------------Message Header------------------------
Swift Input : FIN 103 Single Customer Credit Transfer
Sender : KWHKHKHHXXX
Citic Ka Wah Bank
Hong Kong
Receiver : BNPAFRPPXXX
BNP-PARIBAS SA
(FORMELY BANQUE NATIONALE DE PARIS S.A.)
Paris, France
MUR: MC12
------------------------------Message Text--------------------------
20:Sender's Reference
PAY/09
23B:Bank Operation Code
CRED
32A:Value Date,Currency and Interbank Settlement Amount
Date : 18 November 2002
Currency : EUR (EURO)
Amount : #65000,#
50K:Ordering Customer
/123001043212
MR LEE
10 QUEENSWAY
HK-HONG KONG
57A:Account with Institution - BIC
BNPAFRPPCAN
BNP-PARIBAS SA (FORMELY BANQUE NATIONALE DE PARIS S.A.)
CANNES FR
59:Beneficiary Customer
/12345543210100001M02211
MR DUPONT
6 RUE LAFAYETTE
FR-CANNES
70:Remittance Information
/INV/52
71A:Details of Charges
SHA
------------------------------Message Trailer----------------------
{MAC:098446CF}
{CHK:45946964876B}
Example of printout
Slide 48
--------------------Instance Type and Transmission------------------
Original received from SWIFT
Priority :Urgent
Message Output Reference :0806 021115BNPAFRPPAXXX0987012098
Correspondent Input Reference :1705 021115KWHKHKHHAXXX0135007653
------------------------------Message Header------------------------
Swift Input : FIN 103 Single Customer Credit Transfer
Sender : KWHKHKHHXXX
Citic Ka Wah Bank
Hong Kong
Receiver : BNPAFRPPXXX
BNP-PARIBAS SA
(FORMELY BANQUE NATIONALE DE PARIS S.A.)
Paris, France
MUR: MC12
------------------------------Message Text--------------------------
20:Sender's Reference
PAY/09
23B:Bank Operation Code
CRED
32A:Value Date,Currency and Interbank Settlement Amount
Date : 18 November 2002
Currency : EUR (EURO)
Amount : #65000,#
50K:Ordering Customer
/123001043212
MR LEE
10 QUEENSWAY
HK-HONG KONG
57A:Account with Institution - BIC
BNPAFRPPCAN
BNP-PARIBAS SA (FORMELY BANQUE NATIONALE DE PARIS S.A.)
CANNES FR
59:Beneficiary Customer
/12345543210100001M02211
MR DUPONT
6 RUE LAFAYETTE
FR-CANNES
70:Remittance Information
/INV/52
71A:Details of Charges
SHA
------------------------------Message Trailer----------------------
{MAC:098446CF}
{CHK:45946964876B}
Example of printout
Slide 49
Message referencing
• Sender's Reference
• MUR
• MIR
• MOR
Slide 50
Message referencing
Sender's Reference (field 20): 16x
MUR: Message User Reference: 16x
Slide 51
Message referencing
MIR: Message Input Reference
041115 KWHKHKHHAXXX 0135 007653
(input date | sender's address | session number | ISN)
Slide 52
Message referencing
MOR: Message Output Reference
041115 BNPAFRPPAXXX 0987 012098
(output date | receiver's address | session number | OSN)
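As an added example (not SWIFT's or a vendor's code) covering the delivery monitoring options on slide 39 and the MIR/MOR layout above: Python that decodes MIR/MOR references, reads priority, delivery monitoring and obsolescence period from the input header tail (U3003, standard FIN meaning, assumed here), and reconciles a constructed set of outbound messages against the ACK, MT010 and MT011 records received, as a check of delivery monitoring procedures would.

```python
from datetime import datetime, timedelta

def parse_reference(ref):
    """Split a MIR/MOR as laid out on slides 51-52: date (YYMMDD), 12-char LT address, session number,
    sequence number (ISN or OSN). A leading HHMM input/output time, as in the printouts, is optional."""
    s = ref.replace(" ", "")
    time, s = (s[:4], s[4:]) if len(s) == 32 else ("", s)
    return {"time": time, "date": s[0:6], "lt_address": s[6:18], "session": s[18:22], "sequence": s[22:28]}

def delivery_options(block2):
    """Decode the tail of an input block 2 such as 'U3003' (standard FIN meaning, assumed here):
    priority, delivery monitoring (1 = non-delivery warning, 2 = delivery notification, 3 = both)
    and the obsolescence period in units of 5 minutes (003 = 15 min urgent, 020 = 100 min normal)."""
    tail = block2[16:]
    return {"priority": tail[0], "monitoring": tail[1], "obsolescence_min": 5 * int(tail[2:5])}

FMT = "%Y-%m-%d %H:%M"
# Constructed sample: three outbound MT 103s keyed by MIR, and the ACK/MT010/MT011 records received.
SENT = {
    "1705 021115KWHKHKHHAXXX0135007653": {"block2": "I103BNPAFRPPXXXXU3003", "sent_at": "2002-11-15 17:05"},
    "1710 021115KWHKHKHHAXXX0135007654": {"block2": "I103BNPAFRPPXXXXN2020", "sent_at": "2002-11-15 17:10"},
    "1712 021115KWHKHKHHAXXX0135007655": {"block2": "I103BNPAFRPPXXXXU3003", "sent_at": "2002-11-15 17:12"},
}
RECEIVED = [  # (kind, MIR it refers to, time received)
    ("ACK", "1705 021115KWHKHKHHAXXX0135007653", "2002-11-15 17:05"),
    ("MT010", "1705 021115KWHKHKHHAXXX0135007653", "2002-11-15 17:20"),  # non-delivery warning
    ("MT011", "1705 021115KWHKHKHHAXXX0135007653", "2002-11-15 22:00"),  # delivered (receiver's UAK)
    ("ACK", "1710 021115KWHKHKHHAXXX0135007654", "2002-11-15 17:10"),
    ("ACK", "1712 021115KWHKHKHHAXXX0135007655", "2002-11-15 17:12"),
    ("MT010", "1712 021115KWHKHKHHAXXX0135007655", "2002-11-15 17:27"),
]

def reconcile(sent, received, now):
    """Return {MIR: finding} for outbound messages that need follow-up: NO_ACK (never accepted by
    SWIFT), UNDELIVERED (MT010 received, no MT011 yet) or OVERDUE (delivery notification requested,
    obsolescence period passed, no MT011). Acknowledged and delivered messages are not listed."""
    now = datetime.strptime(now, FMT)
    findings = {}
    for mir, info in sent.items():
        events = {kind: datetime.strptime(t, FMT) for kind, ref, t in received
                  if parse_reference(ref) == parse_reference(mir)}
        if "ACK" not in events:
            findings[mir] = "NO_ACK"
            continue
        opts = delivery_options(info["block2"])
        deadline = datetime.strptime(info["sent_at"], FMT) + timedelta(minutes=opts["obsolescence_min"])
        if "MT010" in events and "MT011" not in events:
            findings[mir] = "UNDELIVERED"
        elif opts["monitoring"] in "23" and "MT011" not in events and now > deadline:
            findings[mir] = "OVERDUE"
    return findings
```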
Slide 53
Agenda (repeated; section 5, Summary elements in the scope of a SWIFT operations audit, follows)
Slide 54
Summary elements of a SWIFT audit
Check SWIFT system configuration for links, back-up, contingency
Reports on contingency and BCP tests
Physical access procedures to SWIFT room
Release management
Match HR lists to operators in SWIFT interface
Check operator permission lists with SWIFT Security Officers
BKE refresh procedures
Check procedures for delivery monitoring
Archiving procedures
MIS statistics of average number of messages IN/OUT, average value
Slide 55
SWIFT Education programmes
• SWIFT Audit Guidelines: a 2 day training programme for Auditors
• For training schedule see: www.swift.com
Slide 56
Thank you