Technical Guidelines

This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.

Information Security

Technical resources and implementation notes addressing security when using the FIX Protocol.

The documents provided below have been reviewed or produced by the Global Technical Committee’s Information Security Subcommittee.


FIX Security White Paper v1.9 700.29 KB 2839 downloads July 23, 2017

The "FIX Security White Paper (v1.9)" is intended to provide FIX Trading Community members with some of the common questions and answers regarding computer and network security when using FIX. Its scope...

FIXS Stunnel User Guide for FIX Applications 133.14 KB 1530 downloads August 18, 2017

FIX-over-TLS (FIXS) Stunnel User Guide for FIX Applications - this guide is intended to allow anyone to get started with FIXS, whilst the FIXS specification is applicable to all TLS implementations. Updated:...

PGP-DES_MD5 and PEM-DES-MD5 Overview 25.50 KB 448 downloads February 17, 1996

This application note addresses Authentication, Confidentiality and Integrity for data transmitted between two parties. It describes the protocol for Key Exchange, Data Encryption of selected fields in...

PGP-DES-MD5 and PEM-DES-MD5 Implementation 224.00 KB 345 downloads June 2, 2017

The files included in this distribution are an implementation of the FIX security protocol. Written and contributed by Morgan Stanley in 1995 and 1996. (TAR, 224KB) [May 24, 1996] ...

    Stunnel Universal SSL Wrapper
    Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can be used to securely wrap unencrpyted FIX traffic. The Stunnel source code is not a complete product — you still require a functioning SSL library such as OpenSSL or SSLeay in order to compile stunnel. This means that stunnel can support whatever (and only) that which your SSL library can, without making any changes in the Stunnel code. The Stunnel source code is available under the GNU General Public License.

    Information Security Presentations


    Encryption Working Group Presentation - July 24, 2000 768.50 KB 326 downloads July 24, 2000

    This document has been revised to correct errors in the presentation and add additional information relating to CA infrastructure addressed at the meeting. ...

    FIX Security Presentation 185.50 KB 662 downloads February 14, 2017

    Presentation about how FIX addresses security. ...


      The following document describes the the proper way to conduct a multicast session for market data distribution using FIX message formats


      Multicast Recommended Practices 539.58 KB 762 downloads January 14, 2006

      This document describes the the proper way to conduct a multicast session for market data distribution using FIX message formats. ...

      Time Precision Technical Addendum 580.93 KB 3650 downloads February 24, 2017

      Time Precision Technical Addendum. This Technical Addendum addresses the time precision granularity by extending the FIX data type for timestamps to picoseconds.  The Technical Addendum is applicable...

        We also have recommended practices for 24×7 sessions.