AS2 stands for Applicability Statement 2. It is a B2B messaging protocol which is majorly used to transmit Electronic Data Interchange (EDI) documents from one business unit/organization to another.
AS2 is one of those universally accepted methods which is used for interchange of data/information used by millions of small-medium-large scale businesses worldwide, including the big retail giants like Amazon and Walmart. AS2 specifies how to securely interchange data via the Internet using http/s.
AS2 protocol is a second-generation EDI protocol - developed in order to replace AS1 which uses email protocols for secure data transfers over the hops. AS2 was created by the Internet Engineering Task Force (IETF) in 2002.
AS2 is a protocol designed in order to target and support three core features for the data interchange:
AS2 follows a simple and straightforward process. AS2 forms or rather generates an "Envelope" for and above the EDI data to send it securely via the web using https/s. Let’s walk through the process as to how it works:
On transmission of messages using AS2 software:
Documents should be prepared in a standard EDI format to send over AS2. However, document in any format can be send via AS2.
The document is transformed to send via AS2. Documents sent via AS2 might undergo three different types of transformation:
The messages (securely formatted data via AS2 and other transmission related) is securely transmitted over http/s using file transmission software.
The receiving server is ready to receive messages addressed to it at any point of time. The receiver of the secured standard document then unpackages it to retrieve the original EDI document.
The AS2 receiver passes the unpackaged EDI document to the pre-defined back-end process. It handles the data to perform additional business logic over it.
The receiving end user uses AS2 or EDI software to extract the received message and thereafter sends the message confirmation receipts to the sender of the message.
On receiving the acknowledgement from the receiver end, the sender (originator of message) validates the receipt signature. Thereafter it compares the returned content message integrity check (MIC) against the one that was originally calculated.
AS2 uses the hypertext transmission protocol (HTTP), which can be specifically secured with an SSL certificate and can add-on https. Nowadays, most of the websites have shifted or are shifting from the traditional http to more secured https and thus it is becoming the standard.
Receipts, or rather say message disposition notifications (MDNs), confirm to the sender that the trading partners have received a document. It provides "Non-Repudiation," or rather say non-deniability of receipt which confirms the successful transfer.
Both the trading partners can mutually sign the transactions in order to certify the authenticity. AS2 supports the below mentioned options:
The AS2 standard mostly recommends using SHA-2. But one might also need to support SHA-1 as well in order to deal with different trading partners.
AS2 message contents is encrypted to secure the data been transferred with the help of recipient's public certificate. The only condition to transmit data via AS2 is that the EDI software uses and supports same encryption algorithm for both and all trading partners.
We, at Amosoft, recommend encrypting all AS2 EDI transactions with the help of digital certification. Only trading partners with a secure private key can receive and access the AS2 EDI transactions, preventing data loss or breach during the transit.
Using AS2, one can send & receive business transactions over the Internet with the firewall security.
Users can use AS2 either with direct EDI or use a Value Added Network (VAN) for each trading partner and all partners.
To see our updates!
Visit our Channel
for company updates!