On June 6, the Financial Times reported the administration of President Donald J. Trump is planning punishments for any company doing business with Iran. A company that could be affected by U.S. sanctions is the Society for Worldwide Interbank Financial Telecommunication, commonly known as SWIFT. Founded in 1973, SWIFT is a global provider of secure financial messaging and transaction services commonly used by banks around the world.
The United States has stated that SWIFT must cease financial transactions with Iran or face frozen assets and other punishments.
But is the Trump administration’s demand really about Iran? Or is it an attempt by the United States government to conquer the international payment market and its data?
Why US dominates digital economy
The United States dominates most digital markets via search engines, social media, website builders and operating systems based in the country. Through these platforms and others, the United States likely has access to the data and information of not only American citizens, but citizens and companies worldwide. This unique access to worldwide data is the basis of the United States’ primacy in the digital economy.
However, one essential item is missing in the country’s data bucket: control of international payment transactions.
SWIFT is a cooperative company that says it connects more than 11,000 financial institutions worldwide. It maintains a secure messaging system banks use for international transactions. The company is headquartered in Belgium, but has data centers in the Netherlands and United States, with backup facilities in Switzerland.
SWIFT values its neutrality and goes to great lengths to prevent outside parties gaining access to its financial messages and transaction records.
On October 23, 2013, the EU parliament passed a resolution suspending the international Terrorist Finance Tracking Program “as a result of US National Security Agency (NSA) surveillance.” The resolution was a reaction to news that the NSA had created illegal backdoors into SWIFT servers located in the United States in order to tap into international payment records.
A second NSA hack of SWIFT payment information was reported in April 2017 in the American Banker. That publication reported the NSA had managed to gain access to SWIFT data on some Middle Eastern banks by hacking a third-party facilitator of SWIFT connectivity located in Dubai through an unsecured patch in MS Windows.
A crypto challenger emerges
A possible American competitor to SWIFT is the California-based crypto company Ripple. Ripple provides an international payment system based on cryptocurrency. Ripple is aggressively promoting its operation (Forbes) as an alternative to SWIFT for fast international transactions between banks.
The Financial Times reported Ripple has a $15 billion war chest to finance a hoped-for takeover of the international payment market. The company was founded in 2012. To date, more than 100 financial institutions have signed up with Ripple, which establishes it as a potential competitor to SWIFT.
If Ripple manages to displace SWIFT as the world’s primary facilitator of international banking transactions, it would mean a replacement of a neutral international nonprofit organization (SWIFT) by a for-profit company (Ripple) subject to California and U.S. laws governing international financial payments.
Ripple uses a distributed encrypted ledger. Each user has a copy of the ledger providing full payment information. In theory, the confidential information in the ledger cannot be read due to encryption. But with a key to decrypt, in combination with data outside the ledger collected by Ripple, a complete data set of all international payments can be made.
US interest in global financial data
The safety of data in the United States is unclear. An 2017 article published by Thomson Reuters describes a panoply of federal privacy-related laws that regulate the collection and use of personal data.
However, in a November 2017 report from the U.S. Senate Intelligence Committee regarding the extension of the Foreign Intelligence Surveillance Act Amendments Act, Democratic Senator Ron Wyden wrote in his minority opinion: “Under current law, the CIA, NSA and FBI can conduct these searches for no other reason than that they reasonably believe the searches will turn up foreign intelligence information.”
Having made at least two attempts to hack SWIFT, the U.S. government appears highly interested in international payment data. If the global preference for making international payments migrated from SWIFT to Ripple, the U.S. government would have much easier access to information on global payment transactions, and could theoretically access that information without informing the parties involved. Such an outcome would vastly increase U.S. control over international payment transactions.
Even if a legal government seizure of records didn’t occur, there’s a reasonable chance of a breach via a software backdoor to the data. Outsiders can’t verify the data security of Ripple.
A SWIFT response
In December 2017, SWIFT published an opinion article about blockchain technology (which is used by Ripple) in an IM Forum. The report claimed blockchain cannot yet handle one million financial transactions a minute, as SWIFT says it currently does. The report stated that a standard for international transactions should carry money from national banks, backed by governments instead of cryptocurrencies with no official backing or only the backing of a commercial company.
Financial transactions are not secure, because encrypted transactions might be reverse-engineered. Only a semi-centralized version of blockchain technology could be secure.
SWIFT concludes that widely distributed confidential information (such as its rival Ripple’s ledger) can never be completely safe.
What implications does an American company keeping records on the financial transaction data of the world have on a socioeconomic scale?