BrokerTec Drop Copy Groups

Using BrokerTec Requests - Drop Copy Groups function, authorized users can create and manage sessions that can receive trading activity communications via the iLink order entry gateway.

To receive messages at multiple related entities, configure drop copy groups (target sessions) with additional source sendercomp sessions.

Example: Clearing firms only receive messages related to activity which they clear.

From the BrokerTec Requests menu the following Drop Copy functions are available:

• Creating a Drop Copy Group: Create a new Drop Copy Group.
• Editing and Deleting: Edit and delete existing Drop Copy Groups.

Associated target Session IDs cannot be deleted from Request Center.

For assistance, contact Global Account Management.

• Securing Drop Copy Sessions: To secure the login for Drop Copy sessions, use Hash Message Authentication Codes (HMAC) to create a secure key-pair login.

• My Requests: View Submitted requests and approve, as necessary.

Creating a Drop Copy Group

Use the Drop Copy function to configure an entity to receive business and session activity messages.

The creation process consists of the following steps:

• Select Registered Entity
• Specify Group Name
• Select Front End System
• Select Filters
• Add Source Sender Comps
• Submit
• To create a Drop Copy Group:

1. From the Request Center - BrokerTec Requests menu, select Drop Copy Groups.

2. Select a Registered Entity to manage.

3. Select Create New Group > BrokerTec EU / U.S..

A dialog indicates the number of existing Drop Copy groups and the fee for creating a new group, if applicable.

Note: Customers receive one free Drop Copy Group, a fee is incurred for each additional instance.
There is no limit to the number of Source SenderComps assigned to a given Drop Copy Group.

4. To continue, select Proceed.
5. On the page that appears specify the Drop Copy Group Name and Front End System to monitor.
   

6. For the Filters, select communication types the Drop Copy Group will track.

Available communication types:

• Acknowledgement (Ack) Messages.
• Execution Reports:
• Execution - Order Entry: New Order Acknowledgement message.
• Execution - Create / Cancel / Modify: Response message
• Execution - Elimination: Order expiration message.
• Trade - Fill Notice: Complete and partial fills.
• Trade - Trade Cancel: Notifies user of trade cancellation.
• Heartbeat: A response message that confirms connectivity.
• Order Mass Action Filter: Confirms the number of canceled orders.
• Reject Messages: Message indicates a session level error has occurred.
• Trade Busts: Trade cancellation: (see Trade Cancel, above).

Note: Using session configuration information, the selected communications are routed to the Source SenderComp / Session IDs.

7. Select Add Source SenderComps:

1. Filter by Globex Firm (optional).

2. Select from the available Source SenderComps, then select Add.

8. To finalize, select Submit.

Submitted requests are available from the Request Center and initially assigned an In Progress status.

After validation and setup, the status changes to Completed and the Drop Copy Group appears in the Drop Copy Group > Registered Entity list.

Secure Key Pairs

CME Group uses a secure login process for Drop Copy, Order Entry and Market Data API services.

Using self-service functions, users can generate and manage key pairs (Access Key IDSecure login request + Secret KeyUsed to create HMAC signature.) to secure user login and Drop Copy message activity.

• Customer identity verification: Login is signed with CME Group issued and validated security credentials.
• Message confidentiality and integrity: CME Globex uses customer submitted credentials to calculate the HMAC value to validate against a login request.
• Once created, credentials are accessible and available for multiple downloads.
• In situations when a secure key is within four weeks of expiration, a user can have two secure key pairs.

Notification of pending security credential expiration will be sent by email to registered administrators.

• If a customer generates a third secure key pair:
• The user must delete a secure key pairs immediately.
• The oldest secure key pair will expire in four weeks (at market close).

Generating Keys for Drop Copy Sessions

CME Group uses a secure login process for Drop Copy API services using secure key pairs (Access Key ID + Secret Key) to login to API Order Entry sessions.

Pending Expiration

Prior to expiration, an email notification is sent to registered administrators and a system notification on the Drop Copy, Order Entry or Market Data Session modules. During the pending expiration period a second key pair can be created and the initial key pair remains active for up to four weeks, after which the older key pair is automatically expired (after market close).

Following is an overview of the secure key management process:

1. From the BrokerTec Requests menu, select Drop Copy Groups.

2. Select Registered Entity, then select a Drop Copy Group to manage.

3. From the Drop Copy - Target Sessions tab, select a Target Session checkbox, then select Manage Keys for Selected Sessions > Generate Keys.

4. On the screen that appears, select Generate Key, then Download the Key.

5. To download the key, confirm your identity by completing multi-factor identification, using one of the following methods:

CME Group requires customers to update their security credentials every 12 months.

• SMS code: Sent to the default CME Group Login mobile phone.
• Contact EASE: Upon user identity verification, receive a one-time use code.
• Duo Security

After authenticating, a cryptographic key pair is generated.

A confirmation banner appears, an email confirmation is sent to the registered address and the request is added to My Requests.

6. From the saved file, view the corresponding Secure Key, which is used for securing Drop Copy Sessions.

Additional Options:

• Delete Keys: Select and confirm deletion.
• Download Keys: Download the cryptographic key as a flat text file.

Editing Drop Copy Groups

Using the CME Globex Drop Copy Group functionality users can view and manage existing Drop Copy Groups.

• To edit Drop Copy group details:

1. From the Globex Requests menu, select Drop Copy Groups.

2. From the drop-down menu, select a Registered Entity.

3. Select a Groupto edit.

Select Edit, then update Drop Copy Group details as required:

• Target Sessions (view only)
• Source SenderComps / Source SenderComps by GFID

4. On the Details page update the Drop Copy Group Name, Front End System and Filters, Target Sessions, Source SenderComps:

Note: Designated user administrators can update front end system mapping.

• Target Sessions: View-only session configuration details.

To view Public Key ID details, select Show.

• Source SenderComps: Select additional Source SenderComps that will receive messages.

• Add Source SenderComps by GFID: Select firm(s) as required.

5. To finalize updates, select Submit.

Additional Options:

• Deleting Drop Copy Groups - Select Drop Copy Group(s), click Delete Group(s).

An additional delete function is available from the Target Sessions tab.