Reliable, fast and with high network security: PostFinance relies on SCION from Sunrise Business
With SCION from Sunrise Business, PostFinance is setting new standards when it comes to security and reliability – and thanks to its network architecture, the company is ready to meet the future demands of the modern Swiss financial market.
/f/105451/1276x470/8cd1bb2a05/sunrise-business-postfinance-postfinance_1276x470.jpg)
Founded in 1998 as a subsidiary of Swiss Post, PostFinance is one of Switzerland’s leading financial-service providers. It offers innovative, smart solutions covering all aspects of money to around 2.5 million private and business customers. As a Swiss Payment Champion, PostFinance is the first choice for distributors and bill issuers when it comes to payment transactions.
Initial situation
As one of Switzerland’s leading financial-service providers, PostFinance turned to SCION technology back in 2019 – originally as an even more secure alternative to VPN for connecting external sites and home offices. However, the requirements for introducing instant payments, which enable virtually real-time money transfers between bank customers, were the real driver for implementing the new network technology. Such transactions between banks (interbank transactions) in Switzerland are processed via the SSFN – the SCION-based network of the Swiss National Bank and SIX. The SSFN allows the connected parties to communicate securely with SIX, other financial-market infrastructures and also with each other. The SSFN, a closed network group that does not rely on the Internet, protects users from cyber risks while exchanging data.
/f/105451/628x350/f73b9d85a5/sunrise-business-postfinance-628x350.jpg)
PostFinance introduced SCION to comply with the regulatory requirements applicable in Switzerland early on, with the aim of carrying out critical financial transactions in a stable, reliable and secure network. To this end, PostFinance was looking for a ready-to-use complete solution: «Theoretically, it would also have been possible to install the required gateway ourselves and equip it with the SCION protocol,» says Patrick Hollinger, Architecture Owner IaaS-Platform at PostFinance. «But this didn’t seem like the ideal approach to us, as we lacked experience with this new protocol and didn’t want to lose too much time developing and operating a system that would provide such a business-critical connection. We wanted to rely on the experience of experts and purchase SCION as a managed service: a turnkey complete solution with ready-to-use components that we could buy as a product and have installed and operated by the provider.»
SCION (Scalability, Control and Isolation On Next-Generation Networks) is an autonomous, isolated ecosystem for the secure and reliable transmission of sensitive data, developed by the ETH spin-off Anapaya Systems. With isolated end-to-end communication, companies and public organisations retain full control over data traffic between their locations. SCION technology regulates data transfers autonomously and independently of an Internet provider as well as on efficient, authorised routes: data are exchanged exclusively between authenticated participants in a closed ecosystem and therefore cannot be accessed by the public. In this way, SCION offers effective protection against cyber threats, making it particularly suitable for exchanging critical data – such as data in the financial sector. In addition to increased security and protection against cyber risks, the SSFN connection also offers better availability.
SIX and the Swiss National Bank recognised the advantages offered by SCION and made a communication network based on SCION available to the Swiss financial market: the SSFN (Secure Swiss Finance Network). At the end of September 2024, the SSFN replaced the previous standard network solution for financial-service providers, Finance IPNet. PostFinance wanted to switch to SCION/SSFN as quickly as possible to be able to deal with any complications at an early stage and be prepared for the move to SSFN.
The finished solution includes two SCION routers installed in the PostFinance data centres. To guarantee maximum reliability, an additional connection from another network-service provider was set up alongside the Sunrise Business connection. The redundant architecture enables a seamless failover in the event that one of the connections fails. This ensures the continuity of financial transactions – and thus of PostFinance’s core business. Sunrise Business is solely responsible for operating the SCION network (managed service).
The close collaboration between PostFinance, Swiss Post’s IT/Technology department, Sunrise Business and technology partner Anapaya was crucial to the success of the project – as was the existing partnership with Sunrise Business: «The responsible Sunrise Business account manager was already very familiar with Swiss Post and knew exactly which solutions and services we were using already,» says Patrick Hollinger. «That’s why Sunrise Business was able to cater to our very specific needs.»
Since both SCION as a technology and SSFN as a network based on it were very new, this led to many questions at the beginning of the project: how does the failover work? How do we address the devices, how does the internal routing work? Which certificates need to be provided with the hardware? Regular meetings were held to discuss these and other questions before implementing the solution in the autumn of 2022 alongside the existing network infrastructure. The first application tests took place in the spring of 2023, and all interbank transactions were migrated in the autumn of the same year.
By implementing SCION and connecting to the SSFN, PostFinance has laid the foundations for its financial communication of the future. In addition to using it for interbank transactions via SIX, PostFinance also plans to use SCION/SSFN for additional applications in its communications with other banks and financial-service providers – with the corresponding security and cost benefits.
Swiss Post, as well as PostFinance as its subsidiary, have relied on Sunrise Business connectivity and calling solutions for a number of years. This existing partnership and positive experiences in other network projects played an important role in choosing Sunrise Business as a SCION provider. On top of this, Sunrise Business was able to prove itself as a technology leader when it came to SCION: «At the time, Sunrise Business was the only company that could offer us a marketable managed service with a SCION appliance,» says Hollinger. «Other providers had also promised us a SCION solution, but they couldn’t give us a binding date to implement it. This was another decisive factor that persuaded us to opt for Sunrise Business again.»
/f/105451/628x350/fff615fcdc/sunrise-business-sustainability-628x350-en.png)
Proving its spirit of innovation, Sunrise is one of the Swiss ISPs that has introduced and developed services based on Switzerland’s own SCION technology. This innovation has transformed the way the finance industry communicates, making it more secure and reliable. Many banks in Switzerland already use Sunrise Business SCION services to guarantee secure traffic between institutions and provide safe access to remote users.
Sunrise Business is driving the use of this technology in other verticals, like the health and energy sectors, with the vision of providing a more secure cyber environment where data can be transported and society as a whole benefits from the guarantee that their private data is safe.