Architects of Change: Perspectives

IPv6 for banking networks

Written by Lucas Pinz | May 12, 2014 9:32:11 AM

Lucas Pinz looks at the dangers faced by Brazilian (and other) banks who do not address the pressing call to migrate from IPv4 to IPv6.

When was the last time you actually went to the bank? I really do not remember my last visit. I’ve been living in Rio de Janeiro for several years and my account is still in Sao Paulo. The more we bank over the Internet, the less time we spend physically in the bank. Today, with few exceptions, the internet is the main access platform to banking systems worldwide.

According to MIT, “the financial and entertainment industries are the biggest examples of digital businesses.” In Brazil, millions of financial transactions are now made through smartphones. FEBRABAN report that mobile banking transactions grew over 300% per year, reaching more than 820 million transactions in mobile channels in 2012.

A business that depends this much on the Internet therefore cannot be vulnerable and remain passive while facing the raft of technological changes and development currently underway, and one such change is IP protocol (Internet Protocol) migration.

Let me explain, the internet was established and consolidated over Internet Protocol’s version 4 (IPv4).  The number of public addresses available is insufficient to meet the demand explosion and current Internet usage. If it weren’t for alternative techniques such as NAT, private address, CIDR blocks which, amongst others, allow the existing quota of IP addresses to be shared, aggregated and extended, IPv4 would have been over for a decade. This drastic shortfall led to IP version 6 (IPv6) being created, with implementation starting a few years ago. In case you’re wondering, the IPv6 address space is so large that it would be able to connect every grain of sand on all beaches from all over the planet!

However, the migration from IPv4 to IPv6 is not simple and requires planning and investment.

Currently, IPv6 projects are underway in several operators in Latin America. This means that already in 2014, me, you, our friends, residential broadband users (and bank customers) can receive an IPv6 address, plus a private IPv4, for us to connect to the Internet. And then, what will happen? Well, the user will have two options to connect to Internet, one via an IPv6 network and the other via a private IPv4 + NAT. In anticipation of this, more recent operating systems for PCs, laptops, tablets and smartphones prefer IPv6 connections by default. So when typing www.bancoXYZ.com.br in your browser, or accessing your bank’s app from your phone, it will prefer to establish the connection to the desired content via IPv6.

But here’s the problem: when testing this type of connection via IPv6 to major Brazilian bank portals, the answer was 0% connection. This means that the banks tested don’t have IPv6 implementation. In this case, the web browser, after not getting a DNS response saying the site www.bancoXYZ.com.br could respond via IPv6, establishes a connection via IPv4 network. And that is where the issue of performance and user experience becomes important. Probably the IPv4 connection you receive will have to go through a NAT solution on the carrier’s network. Tests recently made by some banks in India show that latency time in accessing the bank's website via IPv6 is significantly lower compared to IPv4. It boils down to this: a native connection over IPv6 will be better than the experience of a connection through private IPv4 + NAT. So will banks assume the risk of having incomplete web transactions due to IP connectivity issues?

At the risk of repeating myself, implementing IPv6 will not be simple. It must be well planned and tested. The CIO and IT team must, as a first step, carry out an IPv6 compatibility assessment with its IT equipment base, from ATMs to the servers that store and process web content. Brazil's banking system is considered one of the most modern in the world, for both its coverage and electronic system capacity. But banks are really differentiated according to customer experiences, and networks are critical and largely responsible for the good (or bad) user experience.

IPv6 implementation by banks will be essential to ensure a good web experience for their customers – and if MIT is right and banks are true digital businesses, the web experience is everything.