In the ever-evolving landscape of digital communication protocols, one might wonder about the relevance of older systems like PeSIT (PeSIT, Protocole d’Échange Standard Interbanques de Télétransmission). Developed in the 1980s by the French banking industry, PeSIT was designed to facilitate secure data exchange between banks and financial institutions. However, with the advent of modern technologies and more advanced protocols, the question arises: Is PeSIT still relevant in today’s digital world?
To answer this question, it’s essential to delve into the characteristics and functionalities of PeSIT and compare them with contemporary alternatives.
PeSit in finance industry
PeSIT was originally conceived to address the specific needs of the banking sector, providing a standardized method for transmitting financial data securely over telecommunication networks. Its key features included data integrity, encryption, and reliable delivery, making it suitable for the sensitive nature of financial transactions. Additionally, PeSIT supported various communication modes, including point-to-point and point-to-multipoint, catering to diverse operational requirements within the banking industry.
However, as technology progressed, newer communication protocols emerged, offering enhanced features and capabilities. Protocols like AS2 (Applicability Statement 2), AS4, and OFTP2 (Odette File Transfer Protocol 2) gained popularity for their support of modern security standards, such as SSL/TLS encryption and digital signatures, along with improved interoperability and scalability.
Article: AS2, AS3, AS4 : What are the differences between these protocols? https://bluefinch-esbd.com/en/as2-as3-as4-what-are-the-differences/
One of the primary challenges with PeSIT is its lack of adaptability to modern security standards and technologies. While it served its purpose well in the past, the protocol’s reliance on older encryption methods and limited support for newer authentication mechanisms pose significant vulnerabilities in today’s cybersecurity landscape. As cyber threats become more sophisticated, organisations must adopt robust security measures to safeguard their data and infrastructure, which may necessitate transitioning away from legacy protocols like PeSIT.
Moreover, the rise of cloud computing and Software-as-a-Service (SaaS) solutions has transformed the way businesses exchange data. Modern communication protocols offer seamless integration with cloud platforms and support for web services, enabling organizations to leverage the scalability and flexibility of cloud-based architectures. In contrast, PeSIT’s compatibility with cloud environments is limited, requiring additional middleware or custom integration efforts to facilitate data exchange with cloud-based systems.
Despite these challenges, some argue that PeSIT still holds relevance in certain niche scenarios. For instance, in industries where regulatory compliance mandates the use of specific protocols or where legacy systems remain entrenched, PeSIT may continue to serve as a viable option. Additionally, organisations with established infrastructures built around PeSIT may opt to maintain support for the protocol to minimize disruption and avoid costly migration efforts.
Furthermore, PeSIT’s robustness and reliability in handling large volumes of transactions make it suitable for mission-critical applications where data integrity and consistency are paramount. In environments where real-time processing is not a requirement, PeSIT’s asynchronous nature can be advantageous, allowing for batch transfers and optimized resource utilization.
However, the decision to stick with PeSIT or transition to newer protocols ultimately depends on various factors, including security requirements, scalability needs, and future-proofing strategies. While PeSIT may offer certain advantages in specific use cases, organizations must weigh the benefits against the risks and evaluate whether the protocol aligns with their long-term objectives and technological roadmap.
PeSIT use case
One of our customer wanted to migrate from XFB Gateway for PeSIT transfers.
The “XFB Gateway” solution by Axway was reaching the end of its life. The proposal of the current supplier was to switch to its new solution “Secure Transport”. This situation was the reason for the customer to launch an open consultation, comparing costs and functional possibilities of other solutions that are currently available on the market.
The “XFB Gateway” platform was mainly used to make PeSIT transfers with business partners, both internal and external. Additional pre- and post-processing tasks were
performed through shell scripts. This induced constraints due to manual execution of these tasks, potential knowledge drain and the maintenance of these scripts throughout time.
But what triggered the customer to look for another solution?
By talking to other users, they learned that migrating Axway XFB to the solution “Secure Transport was not as transparent or painless” as imagined. The financial aspect of this migration has also been an important element in the customer’s decision to initiate a market consultation.
The consultation started off with two main goals: reducing the software and maintenance cost and significantly gain productivity. Additionally, the continuity of the operational flows had to be guaranteed during the migration, as well as keeping processing functionalities the way they were in the different shell scripts while changing to a more durable and simple solution.
Modernisation projects frequently experience thorny issues when automating tools are being used during a migration. Problems often occur because these scripts have been developed over a longer period and are not documented correctly or no longer exist within the company. In addition, the diversity of these scripts, written by different development teams, hardly respect any guidelines of harmonisation of the source code.
After carrying a proof of concept of the GoAnywhere MFT solution, the customer felt confident to integrate the solution.
GoAnywhere MFT’s extensive functional possibilities, scalability and easy-to-use interface convinced the customer’s technical teams. Furthermore, the strong points in the offered solutions were the native integration of audit trail logging and the possibility to greatly simplify the creation of automated file transfer processes. This made it possible to replace the use of custom developed shell scripts and all the related complexity and maintenance challenges. The most challenging part was understanding the complexity of the flows and scripts implemented for process automation, as well as the PeSIT protocol implemented in Axway’s solution since it was not fully respecting the RFC’s. It took all the expertise of BlueFinch-ESBD’s consultants to convert back to consistent standardisation and secure flow automation.
In conclusion, while PeSIT served as a cornerstone of secure data exchange in the banking industry for decades, organisations are faced with the challenge of modernizing their data exchange infrastructure to meet the demands of a rapidly evolving landscape. While PeSIT may still have a place in certain niche environments, its limitations in terms of security, compatibility, and scalability highlight the need for organisations to explore alternative or complementary solutions with great capabilities that can better address their present and future requirements.
