SWIFT Local Authentication (LAU)

SWIFT LAU provides extra security to messages processed using FTP by adding a digital signature to the inward or outward message. Any attempt to change the message after it has been created will be detected resulting in the message being rejected and highlighted for user inspection.

How can Aqua assist?

Using Aqua’s LAU Module, e2gen will transmit messages to the SWIFT device with a Local Authentication signature in the trailer of each SWIFT message. The LAU value depends on 2 16 digit keys that are concatenated to provide a key for the encryption algorithm that uses Hash-Based Message Authentication Code (HMAC) Secure Hash Algorithm (SHA-256) signatures.

The symmetric key is shared by both the back-office application and Alliance Access. For any Incoming SWIFT with an LAU in the header e2gen will verify that the LAU is correct and reject messages where there is no LAU. Similarly the SWIFT device will check the authenticity of the LAU on messages created by e2gen

Benefits

• Far greater security against external and internal fraud.
• Risk mitigation for the benefit of customers and shareholders.
• SWIFT now require that the Chief Internal Security Officer (CISO) and internal audit staff certify the banks security position each year and LAU ensures greater compliance. Any failures will result in SWIFT reporting an institution to the regulators of that country which has occurred recently.
• SWIFT can additionally reserve the right to perform an audit to check the banks security policy if they suspect it is substandard.

We can help you

If you want assistance with the SWIFT LAU initiative, then contact Aqua Global today at info@aqua-global-solutions.com or call us on +44(0) 20 8544 3200.