Wednesday, February 13, 2008

Trading Technology

Internet Trading

Internet Trading unleashes the potential of the Internet by providing the broking members of an exchange with the functionality to grant limited / full access to any of their clients.

When making this connection, the broker is guaranteed complete confidentiality and the rules of the exchange are strictly adhered to. The exchange receives bids and offers from the broker, acting as an agent on behalf of a client. Every such bid or offer is checked against limits, SET UP BY THE BROKER, and when any bid or offer is satisfied all other bids and offers are re-checked. Order authorization is totally unnecessary if the order is within the limits set by the broker, however, the facility is available.

The client has a restricted set of ATS functions, for example they cannot make a request for a double, or an RFQ. In real time however, they can bid, offer, hit a bid or offer, view their orders, trades, positions, and margin requirement.

As the Internet ATS server behaves just as a dealer would who receives a call from a client, a dealer who is logged in will see all the client orders as they are created and as they become trades and positions.

The Internet ATS software package consists of three separate modules, each performing specific functions.

ATS Inet server

Provides the interface between the client, broker and the appropriate exchange through which all deals take place. Stores a client database. The ATS Inet server runs at the broker. The broker can add new clients, delete clients or modify existing client data. Adding a client will grant them access to the relevant exchange system via the internet, if the client has the ATS Client Interface installed on their PC and has access to the internet. When a client is added the broker can choose to which degree the client is restricted to deal by setting the margin limits of the client, deciding whether the client can hit only, view depth and whether the client needs authorization to make deals. A client may also be denied dealing at all and will only be able to view the live data that is transmitted from the relevant exchange. If a client is deleted from the database, they will no longer be able to access the relevant financial market via the internet until they are added to the system again. The client's particulars may also be modified so that more/fewer restrictions are placed on them, according to the current wishes of the broker.

ATS Client Interface

Provides the means through which a client of the broker can view live exchange data, provides the means through which a client of the broker can make deals through the internet. The ATS Client Interface runs at the client. The client must be a registered exchange client, have access to the internet and have the ATS Client Interface installed on their PC. The client will have to supply their personal password before they are allowed to connect to the ATS Inet server. They will then be able to see live data streaming in from the relevant exchange on their terminal, and will be able to perform whatever functions their broker has allowed.

Monitor

The main function of the Monitor is to enable the broker to authorize the deals that a client wishes to make. The Monitor runs at the broker. Brokers will be able to see all those deals for which they wish to deny or grant approval, according to the criteria set up in the ATS Inet server for each client. When a client attempts to make a bid or offer that requires such approval, the client's code and details of the transaction will appear on the screen. The broker can then accept or decline the proposed deal at the click of a button.

Security and data integrity

A number of security measures have been built into the Internet ATS:

Encryption / Decryption

Any deals (bids/offers), or password changes made by the client is sensitive data that needs to be secured. The sensitive data is encrypted at the Client Interface and decrypted at the Internet server by making use of a complex encryption/decryption algorithm. The data is encrypted using an untraceable key, which includes random elements and changes daily. The key is calculated independently at both the Client Interface and the Internet server, making use of identical formulae, and is therefore never transmitted with the sensitive data.

Time encapsulation

Potentially, a hacker can intercept a sensitive message and re-send it a number of times to the Inet server without tampering with the message itself. Any number of identical transactions, unwanted by the client, can be performed at the exchange in this way as long as the margin limit of the client is not transgressed. In order to prevent this, the current time is recorded as part of the sensitive message, and is subsequently encrypted at the Client Interface and decrypted at the Internet server.

When a valid sensitive message has been sent (for example a client has made a valid bid) the time that is encapsulated within the message is stored at the Internet server. When the client sends a subsequent sensitive message, the time that is encapsulated in the second message is compared to the time that had been stored previously. Logic dictates that the time encapsulated in the second message must be a copy of an earlier message. Since the time that is encapsulated is also encrypted within the sensitive message, this cannot be tampered with and the potential scenario, as described, will not occur.

Password Issues

Password lengths must be a certain length and must contain at least 5 different characters. The client must change their password regularly. Recent passwords are stored at the Internet server and new passwords are checked against these so that passwords are not re-used often. If consecutive logins are unsuccessful, it is assumed that someone is tampering with the client's system.

In this case the Internet server changes the client's password to a random number, and a message is sent to the client to contact their broker who will be able to notify them what their password had been changed to. The client will then be able to re-iogin and change their password again should they wish to do so. Each time that a sensitive message is sent (for example on making a bid), the client must provide their password. In this way tampering by other people is minimized when the client is away from their computer.

Set out below are our technological specifications for each module of our Internet Automated Trading System:

Internet SERVERS:

  • 100 % IBM compatible 350 Mhz Pentium
  • 64MB RAM
  • 1.4MB stiffy drive 1 GB Hard Drive VGA
  • Windows NT Server
  • Windows IIS or equivalent
  • Novell 32 Client

Internet CLIENTS and MONITOR:

  • 100 % IBM compatible 200 Mhz Pentium
  • 32MB RAM
  • 1.4MB stiffy drive 1 GB Hard Drive
  • VGA
  • Windows 95/98/NT

Margin Monitor

The add-on tool which monitors margins, on Yield-X, real-time. Facilitating what-if inputs which enable you to check margin requirements prior to actual trade entry. Margin requirements are calculated on a trade for trade basis throughout the day. Margin contributions are calculated on trade level.

The Margin Monitor calculates the Risk Margin and the Settlement Margin for each participant of the market (Derivatives and Spot) that has Positions for the trading day. In addition, the Margin Monitor calculates the Margin for every Contract in the deals file per participant.

There is an option "What If" to calculate the margin of selected contracts, number of positions and Strike (only relevant for Option Contracts). These margins will either be calculated with offset - if there is a Participant of the market selected - or not, i.e. only the margin for the selected contracts.


No comments: