How users drive – or jeopardize – secure SWIFT payments

Payments security has become a key concern for the financial industry, especially in light of increased cybersecurity attacks during the past several years. Fears surrounding security vulnerabilities have put SWIFT transactions in the spotlight.

While the SWIFT system itself is largely secure, it is important to note that there are often several links in a given payment network, each creating an opportunity for corruption. The SWIFT organization recognizes the need for improved security, which is why it has instituted mandatory security controls and fraud prevention functionalities.

Below are important considerations and best practices for securing SWIFT transactions:

• Review all encryption standards
  Check for risky digital artifacts, such as unencrypted passwords and log files, insecure network permissions and messaging protocols. Backup folders containing sensitive information.

• Implement authorization requirements
  Revisit your software workflows and take advantage of authorization functions where possible. Requiring login or verification credentials restricts the number of people who have access to the payments system, reducing the chances of hacks and tampering.

• Install real-time monitoring programs
  New software programs can run real-time scans of all account activity and issue alerts when suspicious activity is discovered. Alerts can be set for unusual payment amounts or currencies, unfamiliar SWIFT or BIC codes and new account creation.

• Strengthen ‘know your customer’ security
  Recent data breaches involving sensitive personal information, such as the Equifax hack in 2017, raised awareness about false account creation. Review your current processes for know your customer (KYC) and Office of Foreign Assets Control (OFAC) verification. Programs that track location data, internet service provider (ISP) consistency, and ongoing account activity can  identify fraudulent activity quickly and accurately.

• Invest in compliant, secure IT infrastructure
  Work closely with your IT leaders and vendors to tighten your security infrastructures. Incorporate message encryption wherever possible, and make sure that all of your software programs comply with International Organization for Standardization (ISO) guidelines. Eliminate outdated tools such as spreadsheets and other vulnerable programs.

• Leverage the new SWIFT gpi program
  SWIFT’s global payments innovation (gpi) platform includes a number of important features such as real-time tracking, tamper-free transaction records and instant credit confirmations. By making full use of these attributes, you can prevent fraud and reduce security-related losses.

Securing your future with SWIFT

Through the gpi program and other updated security measures, SWIFT is creating a stronger, faster payments infrastructure. Gpi allows for transparent, cross-border payments without forcing SWIFT participants to undergo a massive overhaul of their payments systems. This is hugely important for the industry because the changing payments ecosystem demands innovation that does not sacrifice security and compliance. SWIFT is delivering on that.

Security lacks strength if stakeholders do not prioritize it, so an organization must invest in security measures at every point in the payments chain. Companies can get this right by implementing the appropriate controls at all stages of a transaction, from initiation through the payment clearing house. However your organization approaches this issue, security must be at the forefront of your payments processes. SWIFT provides a secure foundation, but it’s up to you to select the right tools and strategies to build on it.