PeSIT Protocol: Advantages and Considerations

PeSIT Protocol Still Viable for European Banking Sector

The PeSIT file transfer protocol, used primarily by financial organizations in Europe, enables files to be written and read from one machine to another on a point-to-point or point-to-multipoint basis. And, while it can certainly be used beyond banking, it remains one of the lesser known, but still secure and reliable file transfer protocols for the financial industry.

PeSIT is short for Protocol d’Echanges pour un Systeme Interbancaire de Telecompensation and it was developed in 1986 specifically to offer control and security around file transfers in the banking industry.

To avoid differences between the internal file management systems of each computer in an exchange, a virtual file organization model suitable for all computers is used, where each PeSIT user manages the translations needed between actual computer files and the virtual files transferred by the protocol.

Why Some MFT Providers Do Not Support PeSIT

Despite PeSIT being secure, this open, end-to-end protocol is not broadly supported by many Managed File Transfer (MFT) or gateway providers today, as the protocol has a limited market – primarily the financial industry. And, unless the protocol is specifically mandated by trading partners or for industry compliance requirements, many organizations tend to rely on more broad, familiar, and widely used file transfer protocols such as SFTP, FTPS or HTTPS.

However, PeSIT remains a stalwart protocol in use by many European banking entities, whether compliance mandates require it, or those organizations already have established infrastructure built around the protocol. Leading MFT solutions, like Fortra’s GoAnywhere MFT, fully support the protocol, responding to their financial customers’ requests for PeSIT.

“At Fortra, we support PeSIT, alongside many other protocols such as FTPS, SFTP, AS2, and HTTPS. We want to offer organizations the flexibility to choose the protocol(s) they prefer and need when transferring business-critical or sensitive data, including well-established and mature protocols such as PeSIT.” said Eduard Sesaras, Lead Solutions Engineer, Fortra. “As an MFT solution, GoAnywhere’s aim is to provide a unique and modern platform to manage, control and secure any file transfer flow, regardless of the protocol required to integrate the data.”

What Are the Advantages of the PeSIT Protocol?

“The top advantage of using the PeSIT protocol is the high level of security it offers financial institutions for encryption and authentication,” said Sesaras. “With so much at stake when files contain financial data, knowing that files are automatically encrypted, and that authentication of access can be controlled is invaluable.”

Sesaras added, “PeSIT is more sophisticated than most of the popular yet secure file transfer protocols. For instance, PeSIT allows users to not only transfer files between different systems point-to-point, but also organizes the file transfer service by adding an identification and classification of each file transfer flow. The exchange of messages and user fields, as well as the classification of flows by application, helps anchor each transfer better in business applications.”

Other PeSIT perks:

• PeSIT is a file system agnostic protocol. The whole file and directory concept is a non-factor with this protocol, which is helpful as existing file systems can vary considerably in how files are formatted and stored. How data is stored doesn’t actually matter with PeSIT, as the protocol cares more about how the data is encoded for reading and writing and how the virtual file is named or identified.
• PeSIT is efficient. Given the large volume of data exchanged in the finance sector, PeSIT's asynchronous design delivers efficient transaction processing and performance.
• PeSIT is reliable: When money is at stake, a protocol that offers transmission error detection and correction, such as checkpoints, auto-retry, and transfer suspension is invaluable:
  • Checkpoints let senders insert sequential indicators so that the receiver can acknowledge the points as received and stored correctly up to that point. This helps ensure that should a file transfer error occur; the transfer can be restarted from the most recent checkpoint.
  • Transfer suspension lets users stop or deselect a transfer to run a higher-priority transfer. The halted transfer can resume processing later.
  • Acknowledgments and prioritization provide greater flexibility and control than most of the popular file transfer protocols.
• PeSIT delivers standardization: Within the French banking industry, PeSIT helps ensure interoperability between different financial institutions, facilitating communications across varied systems.
• PeSIT helps meet compliance requirements: Specifically in the French financial sector, but also for any other compliance mandates, PeSIT offers robust protections around file exchanges, including offering extensive auditing and reporting functionality when used with GoAnywhere MFT.
• PeSIT handles large volume file transfers: Batch processing of large volumes of financial transactions is easily handled with the PeSIT protocol in place.

PeSIT and MFT Combine for Secure, Efficient Data Exchanges

Whether adding new bank branches to an enterprise or working with a new trading partner, MFT helps financial institutions quickly get different parties exchanging data securely and efficiently, with standardized processes to help meet interoperability goals.

File security is boosted through both forward and reverse proxies to add layers of security between devices and the server as well as between servers and the internet. Also, neither the file name nor its location on the host or destination file system is ever shared across the network for security reasons.

In addition, to help boost critical uptime, MFT environments can be created to provide load balancing and clustering – critical in the fast-paced, high-stakes financial industry, should a system failure occur in one location.

Financial organizations using robust MFT can also be assured that their compliance requirements around file movements, storage and auditable activities can be met. With GoAnywhere MFT, audit logs can be created for all PeSIT transactions, and the detail of the logs can be controlled on a per-project basis by an administrator. These details can include all PeSIT commands, any PeSIT messages and files transferred.

In addition, GoAnywhere delivers the following benefits for sending and receiving files with PeSIT:

• Full support of the standard command set
• Ability to specify maximum data block lengths
• SSL Certificate Server Authentication
• Configurable port ranges
• File filtering to include or exclude files based on established criteria such as wildcards, date and time range, size range, etc.
• Alerts for transfer failures via email, text messages and system messages

As a reusable resource within the MFT solution, PeSIT tasks can be placed within workflows or projects to execute as needed. For example, a project could be established to gather customer loan records from a database file, the records could then be converted into a CSV file, and that file could then be placed onto a PeSIT server.

Limitations of PeSIT
Only one file can be transferred at a time during a particular PeSIT session. However, if multiple sessions are opened, several files can be transferred simultaneously. The work carried out during a PeSIT session can be structured as a series of commands within each other which must be opened in a hierarchical order and closed in the reverse order. If the session is interrupted or discontinued prematurely by a user, all active commands are considered implicitly closed.