«Cyberplat» has decided to open the original source code of the CyberFT IT platform.
In the core of any major information system there must be a mature strategy and vision of its development. CyberFT, which was created for secure transfer of financial and corporate data, is no exception. That is why during the initial stage of its development main strategic principles and measures were shaped.
Having analyzed existing systems for financial messaging e-document flow, CyberPlat experts have highlighted nine main strategic principles that CyberFT must meet.
Sovereignty |
|
---|---|
License independence |
In the core of the customer-end CyberFT are our home-made inventions, as well as open-source software, which increases independence of the system from particular software producers and entire countries, which is especially relevant in case of deterioration of the political environment, which in turn deteriorates relations with country in question. Such an approach also considerably reduces the price of the system and increases its flexibility. |
Patent independence |
CyberFT is a patent-independent system. For instance, most formats supported by CyberFT are international (ISO 15022, ISO 20022, etc.), whereas supported cryptographic information protections facilities are built into the system as separate modules. |
Hubs are within your reach |
CyberFT supports multiple providers. That means that CyberFT processing can be set up by any company anywhere in the world. That said, by joining CyberFT any taken country or holding boosts its sovereignty level and decreases its dependence on foreign providers. |
Autonomy of communications |
You can work with CyberFT using various communication channels, including public internet, VPN and dedicated communication channels. That means CyberFT automatically selects communication type used by the customer. Due to the fact that CyberFT is a system with a host of providers, communication channels length between a Customer and their Provider becomes shorter, which, in turn, lowers the risk of leak of commercial info from the communication line. Using CyberFT you can set up a fully autonomous network in any given country and use local communication channels, which will surely be operating regardless of the foreign political situation or malfunctions outside the country in question. |
Guarantees and control by competent authorities |
CyberFT operates in compliance with regulatory requirements of competent Russian authorities (FSB, FSTEC, Roskomnadzor, Bank of Russia, etc.), related to various customer groups: banks, corporations, companies with state capital, retail, etc. CyberFT takes into account local legislation requirements while installing processing outside of Russia. That said, we provide international secure e-messaging. |
Fail-safety |
|
Interchangeability of providers |
CCyberFT supports unlimited number of independent providers, which increases number of hubs and skyrockets reliability of the network. Support of international message standards allows CyberFT users to make a swift switch to other providers should the need occur. |
Competition among providers |
Competition among the providers boosts the service quality, which ensures fail-safety that is crucial for information system for financial messaging. |
Disaster tolerance of each hub |
Any CyberFT processing from tech standpoint consists of at least two separate server groups built on the basis of GRID-technology. Normally, servers are located in different data centers, which only increases reliability and disaster-tolerance of the entire hub. On the whole, such architecture ensures the highest fail-safety of the system. |
Guaranteed performance and scalability |
CyberFT tech solutions rely on the years-long experience of building fail-safe high-performance information systems for finance. Tech and organizational approaches are initially built on the scalability in terms of both territories (new regions of presence, additional data centers), and system performance. |
Security |
|
Secure encryption with an option of changing your encryption libraries |
CyberFT was designed so as at request of the customers there could be used any removable cryptographic library, including certified cryptographic information protection facilities. Such an approach makes CyberFT universal from the standpoint of using it in different countries for various purposes, and it also allows us to take into consideration of local legislation in IT security field. |
Certification |
CyberFT currently supports CryptoPro certified cryptographic information protection facilities. At the moment there is work underway directed at obtaining an FSB license allowing us to develop information systems using cryptographic information protection facilities and at obtaining an official opinion regarding the correct work of CryptoPro with CyberFT. Given that CyberFT processing can be set up in any country, each CyberFT provider can include cryptographic information protection facility certified in country in question, and undergo local certification. |
Guarantees and control by the designated authorities |
Use of the certified facilities, availability of the required developer licenses, opinions of the competent authorities regarding the correct work of cryptographic information protection facilities and other documents, confirming compliance with the current legislation and requirements of empowered bodies (Main Directorate of Information Security and Protection of the Bank of Russia, FSB, Ministry of Internal Affairs, FSTEC, etc.) ensure reliability of CyberFT and its security for the participating customers. |
Guaranteed message delivery and storage |
CyberFT fully guarantees message delivery thanks to the use of the queue technology. Such an approach ensures asynchronous behavior of delivery and only allows you to deliver the message once, regardless of the possible network errors. That said, a message sender always receives detailed information (statuses) on the message sent. All sent messages are stored with the sender, receiver and provider(s) without any expiration limit. That said, messages stored with the provider are encrypted so as not to be accessible to the provider |
Identification of each user |
|
Guaranteed acknowledgement of legal validity of messages |
All messages transmitted via CyberFT have a mandatory e-signature (or even several of them, depending on the customer settings and existing business processes). Well-oiled agreement base and use of the unqualified or qualified e-signature enable you to set up a full-fledged e-document flow among the members and guarantee legal validity of the transmitted messages. |
Performing functions of the certification authority |
When joining CyberFT each member is obliged to exchange their keys with their provider, who keeps list of and stores open key certificates of every member. While transmitting the message, processing verifies the signature key certificates (expiration date, lack of blockings, rights of the signatories, etc.) and if everything is fine it signs the message envelope with its key and sends it to the receiver. As a result, processing plays a role of the certification authority and verifies the transmitted e-document. It is worth noting that CyberPlat has registered its own accredited certification authority, which means any CyberFT member can receive their keys in our certification center and jump right into cooperating with other CyberFT members, who should also have their keys. Besides the obvious extra security measures, such an approach allows the members to save time required to exchange keys among the members. CyberFT members can also use the keys they obtained in other accredited certification centers. |
Structuredness of the transmitted data |
|
Supports international and local standards |
CyberFT supports international standards ISO 15022 (SWIFT Fin) and ISO 20022, as well as Russian formats such as 1C, IEIS, etc. CyberFT has all it takes to quickly develop new formats and visual / printing document forms at request of the customers without any limitations. |
Collaboration with work groups |
Many information system developers create their own document standards and formats that suit them. The result is customers that use multiple RBS systems of different banks and are forced to adapt to work with different document formats in each system. These inconveniences give birth to extra costs for the customers due to the time required to process different formats and what’s worse it may cause mistakes that can lead to drastic financial losses. Since CyberFT is first and foremost oriented towards operation in compliance with international and local standards, CyberPlat employees vigorously partake in activities of work groups with various organizations (National Payment Council, Association of Corporate Treasurers, etc.) that deal with issues of development and adaption of financial message standards, commercial document flow messages, e-signature, etc. That is why CyberFT instantly implements approval of new formats and changing of the existing ones. |
Compatibility |
|
Integration with automated systems |
CyberFT is designed as a universal system for financial messaging and organization of legally valid e-document flow for various customer categories. That is why during its development a task of easy integration with automated customer systems was a number one priority. From the protocol standpoint CyberFT can operate with other systems via the file exchange, web-services or through integration via the service bus. |
Interbank cooperation |
CyberFT supports generally accepted ISO 15022 (aka SWIFT Fin), ISO 20022, XML and other standards. Up to date there were obtained certificates from two banking system producers and there is an ongoing testing of the system with the most popular Russian ABS developers aimed at the creation of the routine integration solutions and obtaining certificates of compliance with these ABS systems. |
Solutions for corporations and holdings |
CyberFT supports generally accepted ISO 15022 (aka SWIFT Fin, widely used by nearly every bank), ISO 20022 (which is getting popular among many banks and corporate clients), 1C, etc. CyberFT also supports file exchange, integration via web-services or via the service bus. |
Electronic Document Flow, ERP, accounting systems, ABS |
CyberFT members can use CyberFT not only to cooperate with banks, but also to cooperate with each other, thus organizing flow of legally valid e-documents. For instance, after establishing trust relationship two CyberFT members can electronically exchange contracts, invoices and other information necessary to run their business. CyberFT can be integrated with local systems of the Member (Electronic Document Flow System, ERP, accounting systems, ABS) as well as with intercorporate Electronic Document Flow Systems and networks (roaming). |
Solutions for small businesses based on 1C |
CyberFT 1C payment module enables its users to create, sign and send to their bank payment documents without leaving the 1C interface, including payment orders in rubles and foreign currency, requests for purchase and sale of the currency, foreign currency control documents, etc. and also receive bank statements, messages and information on the statuses of the sent documents. CyberFT supports a set of documents prepared in line with the Bank of Russia required for rendering RBS-related services. |
Universality |
|
Used by all types of customers |
CyberFT tackles tasks aimed at secure data exchange and can be used by any customer type, be it banks, corporate clients, stock exchanges, depositaries, state-owned companies, public authorities, individual proprietors, private individuals, etc. For instance, banks can cooperate with each other using SWIFT and at the same time set up data exchange with their customers bypassing the conventional e-banking system. Customers can use CyberFT as a unified channel for cooperation with banks and simultaneously cooperate with their counterparties within the e-document flow system. Private individuals can use CyberFT to interact with public authorities, whereas central banks can use it to build an up-to-date, flexible and secure information system within their country. |
One-stop shop principle |
Being universal, CyberFT enables its customers to cooperate with their counterparties via the single entry point. At the same time various types of users can work with CyberFT in line with their access rights and depending on the tasks they are going to tackle. For instance, CyberFT installed in the bank will allow you to:
|
Accessibility |
|
Coverage |
CyberFT is accessible to any customer type anywhere globally. |
Functional availability |
|
Pricing |
|
Expandability |
|
Architecture |
CyberFT holds an extra value due to its architecture, which enables its users to quickly create entire message categories using the format constructor. For example, in case some field length in MT103 message is not long enough, or if the need to get extra fields arises, CyberFT can develop a new extended format MT103E that would meet all the criteria. |
Modification of the system to tackling purpose- specfic tasks |
CyberFT application has no boundaries. At request of holdings or banks CyberPlat will develop a solution, which will allow you to optimize internal e-document flow, interbank cash pooling, e-document flow for factoring, etc. |