SWIFT outlines first measures to tighten global banking payments security

After $81m Bangladesh Bank cyber heist, SWIFT finally unveils the first of its new security measures

SWIFT has outlined plans to tighten up the security of its global banking payments systems following a string of breaches in 2015 and 2016 - including one where hackers made off with $81m in a series of fraudulent payments that could have netted them $951m were it not for a basic typographical error.

Among the first of those new measures are 'daily validation reports' that will be sent to client banks from December. These will list payments messages sent from clients' SWIFT terminals. Integrated into banks' security, the reports are intended to provide a record of transactions independent of banks' own SWIFT systems.

"The reports will be provided through a separate channel to customers' payments and compliance teams. This 'out of band' access will ensure that independent departments at customer firms will be able to access independently sourced information through an independent channel, even if their own systems or operational staff have been compromised and their locally stored records have been obfuscated," claimed SWIFT, revealing the measure today.

The reports will also include a "risk report" indicating whether transfer instructions deviated from the client's typical payment patterns, according to Reuters.

The introduction of daily validation reports is one of several initiatives launched under the 'transaction pattern detection' stream within SWIFT's customer security programme. It will complement SWIFT's Relationship Management Application (RMA), which highlights unexpected message flows.

"RMA is a filter that enables users to manage their correspondent relationships and is a first line of defence against unwanted or unexpected message flows. It allows users to select and limit the correspondents from whom they wish to receive messages, as well as to restrict the type of messages that they receive," claimed SWIFT.

"A key step in the modus operandi in recent wire fraud cases at customer firms involves the attackers concealing their fraudulent messaging activity on customers' local systems," said Stephen Gilderdale, head of SWIFT's Customer Security Programme.

He continued: "Daily validation reports will provide a reliable and independent source of information, providing such institutions with an activity lens to help them quickly detect fraud - whether perpetrated by external attackers or by malicious insiders."

The measure would help, in particular, the kind of smaller institutions that have been targeted by hackers in recent years.