
SWIFT

Customer Testing Policy

This document provides specific conditions for performance or vulnerability testing of SWIFT services and products and non-SWIFT services and products. This document covers stress tests, throughput tests, intrusion tests or penetration tests, and any other types of performance testing or vulnerability testing.


Table of Contents

Preface

Introduction

1 Vulnerability testing

1.1 SWIFT software and hardware for which customer testing is permitted

1.2 SWIFT services and products for which customer testing is not permitted

1.3 Customer testing of non-SWIFT services and products

1.4 SWIFT services and products for which customer testing requires SWIFT’s express prior consent

2 Performance testing

2.1 Stress tests

2.2 FIN stress tests

2.3 Stress tests in CUGs managed by service administrators

3 General principles for Customer testing


SWIFT 3 24 July 2015

Preface

Purpose of this document

This document sets out specific conditions for performance or vulnerability testing of SWIFT services and products and non-SWIFT services and products. This document covers stress tests, throughput tests, intrusion tests or penetration tests, and any other types of performance testing or vulnerability testing.

Customers must not conduct any performance or vulnerability tests on or through SWIFT services and products unless expressly permitted in this Customer Testing Policy. This Customer Testing Policy is an integral part of the contractual arrangement between SWIFT and its customers.

Intended audience

SWIFT intends this document for its customers.

In particular, the following persons should read this document:

• technical experts who operate the SWIFT service

• security experts

• business decision makers who deal with security, risk management, and exposure management

Related documentation

• SWIFT General Terms and Conditions and other terms and conditions governing the provision and use of tested SWIFT services and products.

SWIFT-defined terms

This document contains terms that have a specific meaning in the context of SWIFT documentation (for example, customer, user, or SWIFT services and products).

The definitions of SWIFT-defined terms appear either in this document or in the SWIFT Glossary. In this document SWIFT differentiates these terms as shown in this example:

SWIFT provides secure, standardised messaging services and interface software to its customers.

First Edition


Introduction

Performance and vulnerability testing by SWIFT and customers

SWIFT conducts regular tests to probe the availability, integrity, and confidentiality of SWIFT services and products. SWIFT typically reports on such tests through SWIFT’s third-party assurance framework such as SWIFT’s ISAE 3402 type 2 report.

SWIFT understands that, beyond SWIFT’s tests, customers may also wish to conduct certain performance or vulnerability tests on or through SWIFT services and products. Because such tests might adversely affect SWIFT’s operations or be indistinguishable from real threats, customers must not conduct any such test unless expressly permitted in the SWIFT Customer Testing Policy.

This policy applies to stress tests, throughput tests, intrusion tests or penetration tests, and any other types of performance testing or vulnerability testing.


1 Vulnerability testing

1.1 SWIFT software and hardware for which customer testing is permitted

Subject to the conditions set out in this policy or elsewhere in the SWIFT Contractual Documentation, customers are permitted to perform vulnerability testing on the SWIFT software and hardware below.

SWIFT software

• Alliance Access, including custom modules built on Alliance Developers Kit (ADK) and Alliance Access Integration platform (IPLA)

• Alliance Entry

• SWIFT Integration Layer

• Alliance Messaging Hub

• Alliance Gateway

• Alliance Web Platform

• Lite2 AutoClient

• SWIFTNet Link

SWIFT hardware

• Hardware Security module (HSM) box

• HSM Token

• HSM Card and Card reader

• 3SKey token

Without prejudice to other conditions governing the use of that SWIFT software or hardware under other SWIFT Contractual Documentation, vulnerability testing on that SWIFT software and hardware is permitted on the following supplemental conditions only:

• Any vulnerability testing must occur locally without any physical and logical connection to the SWIFT network.

• Customer must test up-to-date and currently supported versions of software and hardware only.

1.2 SWIFT services and products for which customer testing is not permitted

Any testing with the intention to probe the security, reliability, and resilience of the following SWIFT services and products is not permitted:

• Alliance Connect products (Gold, Silver, Silver Plus and Bronze), including the VPN Boxes deployed at customer’s site and the network connectivity access ports

• Alliance Connect Everywhere, including the wireless router deployed at customer's site but managed by SWIFT

• SWIFT messaging services and solutions, such as InterAct, FileAct, Browse, WebAccess, FIN and related copy services such as FINCopy and FINInform, Sanctions Screening, MIRS

• Business Application services, such as Accord and Trade Services Utility


• SWIFT web sites, such as swift.com, and Internet/web based services or applications, such as SWIFTRef or Sanctions Testing

• The SWIFT Certificate Centre, also known as the "3Skey Portal"

• SWIFT managed network infrastructure

The same restriction applies to all SWIFT systems and infrastructures supporting these SWIFT services and products.

1.3 Customer testing of non-SWIFT services and products

Customers may also want to test non-SWIFT products and services, such as services and products supplied by their selected Network Partners, internet access provider, or third-party software vendors.

While any testing of non-SWIFT products and services must be agreed upon with the vendor(s) and other third-parties (if any) concerned, customers are permitted to perform vulnerability testing on non-SWIFT products and services on the following supplemental conditions only:

• Any vulnerability testing of non-SWIFT products and services must occur without any physical or logical connection to the SWIFT network.

• Any vulnerability testing of the M-CPE (Managed Customer-Premises Equipment) supplied by the Network Partners is prohibited.

1.4 SWIFT services and products for which customer testing requires SWIFT’s express prior consent

Any vulnerability testing not expressly covered in the previous sections requires SWIFT’s express prior written consent.

This applies to, for example, vulnerability testing of third-party services or platforms accessible via SWIFT’s Browse service, organised by the service provider itself.

Any such testing may be subject to supplemental conditions including (without limitation) fees.

Customers willing to perform any such vulnerability testing must seek SWIFT’s consent by contacting the SWIFT Customer Support Centre. Customers willing to perform vulnerability testing of a third-party service or platform via SWIFT services and products must first agree with that third party on the conditions for any such testing before contacting SWIFT.


2 Performance testing

2.1 Stress tests

Stress tests on SWIFT messaging services must be carefully planned.

Except for limited FIN stress tests (see section 2.2), customers must always seek SWIFT’s express approval to perform any stress tests on SWIFT messaging services.

More information about the process to request such approval is available in the Knowledge Base tip 2008531.

2.2 FIN stress tests

Individual and global stress testing

If a customer plans to test volumes of more than 20,000 FIN messages per hour between Monday 00:01 GMT and Friday 23:59 GMT or of more than 100,000 FIN messages per hour between Saturday 00:00 GMT and Monday 00:00 GMT, then it must plan these tests beforehand and it must request approval from SWIFT following the process described in Knowledge Base tip 2008531.

Important: If a customer plans to perform throughput tests using FINCopy, then all MT 096, MT 097, and MT 012 must be included in the total number of messages.

2.3 Stress tests in CUGs managed by service administrators

There are two types of stress tests in CUGs managed by service administrators, as follows:

• Individual and global stress testing

As part of its test and training qualification, a service administrator may request participants to prove that they can achieve their respective peak hour throughput. The service administrator plans and runs these tests at its best convenience. Participant stress tests must also respect the rules about peak message volumes at the service administrator level, as defined in the SWIFTNet Messaging Operations Guide.

• Global system stress testing

This means that all participants are testing the service's peak hour throughput. Depending on the volumes, this can have a significant impact on the SWIFT network (especially at the service administrator level).

In addition to SWIFT’s approval (see section 2.1), participants and service administrators must agree with SWIFT before performing any stress tests in CUGs managed by service administrators.


3 General principles for Customer testing

Without prejudice to any other conditions governing the provision and use of the tested SWIFT services and products under other SWIFT Contractual Documentation, any customer testing is subject to the following conditions:

• In the same way as the right to use SWIFT services and products, any right to test SWIFT services and products is personal to the customer duly authorised to use the SWIFT services and products to be tested;

• If the customer ever decides to delegate or sub-contract to a third party the exercise of its testing rights or the performance of any obligations under this Customer Testing Policy and other applicable SWIFT Contractual Documentation, it does so at its own risk and must ensure that the scope of rights granted to any such third party does not exceed those granted to it under this policy or other applicable SWIFT Contractual Documentation. The customer that delegates or sub-contracts to a third party the exercise of its testing rights or the performance of any obligations under this Customer Testing Policy and other applicable SWIFT Contractual Documentation remains fully responsible to SWIFT for the performance and observance by any such third party of any obligations applicable to it;

• Any customer testing is at the customer’s own risk and expense;

• Any reverse engineering or any other attempt to access or change the software code, or any physical tampering with hardware, is not permitted;

• The customer must perform a full reinstallation on re-initialised systems before connecting to the SWIFT network and using SWIFT services and products;

• The customer must not initiate any customer testing before having successfully backed up all relevant configuration and databases;

• SWIFT reserves the right to suspend or terminate at any time the provision or use of SWIFT services and products to prevent or mitigate any adverse effect of customer testing on the security, reliability, or resilience of SWIFT services and products;

• SWIFT support does not cover customer testing activities; and

• If customers believe that they have identified a potential performance or vulnerability threat, then they must immediately inform SWIFT thereof and treat all related information, data, or materials as SWIFT confidential information.

In order to facilitate further investigation by SWIFT, customers are expected to provide the following information:

− product version(s)

− queries sent to the application and how such queries were generated

− results of the queries / screenshots

− impact as perceived by the customer and recommendations (if any) to address such impact


Legal Notices

Copyright

SWIFT © 2015. All rights reserved.

Restricted Distribution

Do not distribute this publication outside your organisation unless your subscription or order expressly grants you that right, in which case ensure you comply with any other applicable conditions.

Disclaimer

SWIFT supplies this publication for information purposes only. The information in this publication may change from time to time. You must always refer to the latest available version.

Trademarks

SWIFT is the trade name of S.W.I.F.T. SCRL. The following are registered trademarks of SWIFT: the SWIFT logo, SWIFT, SWIFTNet, Accord, Sibos, 3SKey, Innotribe, the Standards Forum logo, MyStandards, and SWIFT Institute. Other product, service, or company names in this publication are trade names, trademarks, or registered trademarks of their respective owners.
