Introduction to the SWIFT Security Program – Local Authentication

The SWIFT Security Program ensures the security of the data flows that are exchanged between Temenos Core System and the connected SWIFT infrastructure component (for example, SWIFT Alliance Access).

The Local Authentication (LAU) principle ensures the integrity and authentication of the files that are exchanged between the Temenos Core System and SWIFT infrastructure.

It secures the inward and outward messages exchanged between the Temenos Core System and SWIFT, using bilateral security keys, which are kept securely in a keystore, outside the Temenos Core System.

Local Authentication:

The principle behind LAU is that the sending and receiving systems (SWIFT Alliance Access and Temenos Core System) use the same bilateral keys to calculate the Hash-Based Message Authentication Code (HMAC).

The entity that produces a message calculates the HMAC and includes it within the message. The receiving entity recalculates the HMAC based on the received message and verifies it against the HMAC included in the message.

Successful verification indicates that both entities (Temenos Core System and SWFT infrastructure) recognize each other and that the message is not tampered with.

LAU functionality implemented by Temenos Core System covers the calculation of the digital signature for FIN Messages in the RJE format. This functionality includes the following:

• Securely holds the bilateral left and right LAU keys in a keystore.
• Outgoing messages – Generate a digital signature, which is added in the outgoing message.
• Incoming messages – Receive and decrypt the digital signature added by SWIFT in the incoming message.