This article looks at some reasons for popularity of the IBM mainframe platform in the banking sector and touches upon its limitation for cross-vendor encryption and key management.
Mainframes Provide Needed Processing Power
Most banks use mainframes because only these machines can provide the computing power needed to process the many functions that these banks need to perform. In fact, one can see mainframes as small ‘super-computers.’ They share several common aspects with them in terms of architecture and history, for instance.
Mainframes are not only used to keep the bank’s records and to crunch numbers. They also support cloud and mobile transactions, run anti-fraud algorithms (using A.I.), perform market simulations and market analysis in ‘real-time,’ and much more. Banks favor mainframes because they can provide a single answer to a vast amount of their computing needs. Mainframes possess a unique combination of robustness, reliability, and rapid processing power that banks and financial institutions need to do all major computing functions in one place.
Banks now rely more on mobile and cloud-based interactions. Their clients extensively make purchases, check their balances, transfer money, and make deposits online using their mobile devices.
For larger banks, this means thousands of transactions per second. These data are sent to the cloud and then processed by the bank’s mainframes. Without the power of mainframes, banks would have a hard time processing these online data.
Mainframes are Ideal for Handling Big Data
Mainframes are extremely powerful and they can do more than provide processing power to banks. These machines can run ‘real-time’ analytics and data analysis on all their customers’ transactions. Therefore, they provide banks and financial organizations with permanent information about their customers’ behaviour, allowing them to shape many different product offerings.
In other words, ‘real-time’ analytics and data analysis involving big data is ideally done by mainframes.
Benefits of z/OS & Z Platform for Banks
Mission-critical applications are running on mainframes used by banks. These mission-critical applications need to run continuously. z/OS provides guarantees because of its inherent special features that allow applications to run smoothly and securely.
z/OS provides a way for the mainframe ecosystem to divide work. It is built into many functions that allow immediate parallel processing of commands and tasks and native multi-tenancy.
Here are just a few points that explain why banks find benefits in z/OS and the IBM Z platform.
Flexible Infrastructure with z/VM
IBM’s Z platform offers a wide range of highly secure virtualized environments for cloud implementation, especially with the z/VM operating system, which allows running virtual servers, blade servers, hypervisors, and support for machine partitioning.
Big Data Support
IBM’s mainframes provide an ideal platform for big data analytics, data warehouses, production processing, and web applications because they can support millions of users.
Centralized Data Support
It is estimated that almost 70% of bank production data comes from, goes into, or resides on bank mainframes. IBM’s Z platform provides banks with centralized and secure access to their essential information. This access control is extremely rich and offers complete granularity.
IBM Z Mainframes provide banks with strong security through their Common Cryptographic Architecture (CCA).
Embracing the Hybrid Cloud
Banks favor mainframes and are reluctant to use ‘public’ clouds. They use mainframes for:
- Processing ATM transactions & EFTPOS-initiated transactions;
- Processing online transactions initiated from customers’ mobile phones;
- Processing big data;
- Running Artificial Intelligence and decision systems;
- Running anti-fraud computations;
- Profiling in ‘real-time’ customers’ behaviour;
- Running market simulations to determine risks and future prices of assets;
- Providing payroll and similar functions to the bank’s internal systems;
- Running private clouds;
- Running private, permissioned blockchains.
- Now also hybrid cloud applications in private cloud contexts.
Still, the IBM mainframe infrastructure is not a one-and-for-all solution.
Past solutions of IBM mainframes lacked the ability to harness cloud advantages like rapid containerized application development, the possibility to utilize IBM’s Red Hat applications, cloud-native services, and open source applications, cross-enterprise environments for open banking applications, etc. From version z15 onwards, the IBM mainframes are able to operate across hybrid clouds, enabling cloud-native services and harnessing many of the cloud advantages without sacrificing the strong advantages on data security and data privacy.
Limits and Cross-Vendor Cryptography
IBM’s solutions have strong advantages and are set to remain a major pillar in banking infrastructure. But it is not likely that IBM will provide a one-and-for-all solution to payment and banking. New banking-oriented services like Microsoft’s Dynamics or SAP’s Business One offer banking-specific software-as-a-service solutions that many banks want to weave into their composite service solutions. Also scalable and elastic greenfield solutions may need hosted cloud infrastructures like MS Azure. IBM, for now, does not offer infrastructure as a service - it is a classical hardware-based solution.
To address the hybrid cloud envirnment that most financial services are moving towards, Cryptomathic provides Key Management solutions empowering the banks to stay in control of data and applications within a hybrid cloud architecture. These solutions manage all cryptographic keys in one centralized solution, compliant with banking regulations and enabling easy audits at central locations. This enables the banks to retain control over their data regardless of where it is stored.
- Selected articles on Key Management (2012-today) by Ashiq JA, Dawn M. Turner, Guillaume Forget, James H. Reinholm, Peter Landrock, Peter Smirnoff, Rob Stubbs, Stefan Hansen and more
- Selected articles on Key Management in the Cloud (2017-today) by Matt Landrock, Rob Stubbs, Stefan Hansen, Ulrich Scholten, Joe Lintzen and more
- Selected articles on IBM Mainframes in Banking Infrastructure (2019-today) by Martin Schmitt and more
- Key Management in a Multi-Cloud Environment - A blessing or a curse? (2017), by Johannes “Jo” Lintzen
- Buyer’s Guide to Choosing a Crypto Key Management System - Part 1: What is a key management system (2018), by Rob Stubbs
NIST SP800-57 Part 1 Revision 4: A Recommendation for Key Management (2016) by Elaine Barker
- CKMS Product Sheet (2016), by Cryptomathic
White Paper – Deploying CKMS Within a Business (2017), by Cryptomathic
- Digital Bank: Strategies to launch or become a digital bank Kindle Edition (2014), by Chris Skinner