You may have seen that we recently released support for AS2 and that signing up for Couchdrop gives you an SFTP server as well as an AS2 server, which lets you send and receive messages using the AS2 protocol. If you haven’t heard of AS2, it’s another method of transferring files securely, designed for sending files between trading partners. Here we’ll answer what AS2 is, how it differs from other protocols like SFTP, and how you can use Couchdrop to simplify AS2 file transfers.

What is AS2?

AS2 defined

AS2 stands for “Applicability Statement 2” and like SFTP, is a secure protocol for file transfers. In simple terms, it transports data over the internet in a secure way. It differs from other protocols in the specific way it accomplishes this. 

Developed in the late 90s, AS2 was designed for B2B file transfers. It was built to replace AS1, which transmitted data via email. As an improvement to AS1, AS2 transmits data over HTTP/S, and has replaced AS1 for most use cases as it is faster, more versatile, and more secure. The primary usage of the protocol is for Electronic Data Interchange (EDI), a computer-to-computer messaging format, which we’ll explain in more detail later. 

Other applicability statements

You may have come across other applicability statements like AS3 and AS4. At first glance, these might look like an upgraded version of AS2, but the difference is in the transport protocols used, and each has different use cases. 

AS3 uses FTP as the transport protocol. Because FTP has fallen out of use due to its lack of encryption in standard use, AS3 is used less frequently than AS2 or AS4. Since fewer modern systems use FTP and opt for SFTP or other protocols that are more secure by nature, AS3 has fallen out of favor.

AS4 is the other version of EDI that is widely used. It is built on the OASIS ebMS 3.0 framework and uses SOAP-based services, which makes it lightweight, low-cost, and fast. As the newest protocol, AS4 is starting to be adopted by more organizations. While some believe it will ultimately surpass AS2 as the primary EDI protocol, AS2 continues to be the most widely-used protocol for EDI thanks to adoption by global giants like Walmart. 

How do AS2 connections work?

AS2 sends data as AS2 messages. Transmitting an AS2 message requires several components: an HTTP header, a message body, and a digitally signed package that includes the message payload and a digital signature. Together, these components are sometimes called an “envelope”.

AS2 messages can be both signed and encrypted, and it’s highly recommended to use both of these options when possible. Trading partners can configure their stations to enforce these options for increased security.

After sending the AS2 message, the receiver will automatically send back an MDN to confirm receipt. 

MDNs

The AS2 protocol validates file integrity, which ensures that no files were changed or manipulated. This is done via a Message Disposition Notification (MDN) which functions as a digital “receipt”. The MDN is sent automatically to show that the message was received and not altered. 

MDNs are an essential part of the AS2 protocol, and one of the main reasons to choose AS2 over other secure transfer protocols. When an MDN isn’t required, such as sending documents for collaboration, other protocols like SFTP are often a better fit. 
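How a sender can check the "receipt" described above, as an added example that is not Couchdrop's code: it compares the `Received-Content-MIC` digest reported in the MDN with a digest of the content that was actually sent. The message ID, payload and MDN fields are constructed sample data, and the example assumes the MDN's own signature has already been verified.

```python
import base64
import hashlib
from email import message_from_string

# Digest names accepted in Received-Content-MIC (allow-list assumed for this example).
ALGORITHMS = {"sha1": "sha1", "sha-1": "sha1", "sha256": "sha256", "sha-256": "sha256"}


def compute_mic(signed_content: bytes, algorithm: str) -> str:
    """Base64 digest of the exact bytes that were signed and sent."""
    digest = hashlib.new(ALGORITHMS[algorithm.lower()], signed_content).digest()
    return base64.b64encode(digest).decode("ascii")


def check_mdn(mdn_fields: str, sent_message_id: str, signed_content: bytes) -> tuple[bool, str]:
    """Validate the machine-readable MDN fields against the message we sent."""
    fields = message_from_string(mdn_fields)
    if (fields.get("Original-Message-ID") or "").strip() != sent_message_id:
        return False, "MDN refers to a different message"
    # Disposition looks like "automatic-action/MDN-sent-automatically; processed".
    # Strict policy: anything other than a plain "processed" is treated as a failure.
    status = (fields.get("Disposition") or "").lower().partition(";")[2].strip()
    if status != "processed":
        return False, f"partner reported: {status or 'no disposition'}"
    mic_value, _, algorithm = (fields.get("Received-Content-MIC") or "").partition(",")
    algorithm = algorithm.strip().lower()
    if algorithm not in ALGORITHMS:
        return False, "missing or unsupported MIC algorithm"
    if mic_value.strip() != compute_mic(signed_content, algorithm):
        return False, "MIC mismatch: content changed in transit"
    return True, "receipt confirmed"


# Constructed sample data, not taken from a real exchange.
SENT_ID = "<20240101.0001@sender.example>"
SENT_CONTENT = b"Content-Type: text/plain\r\n\r\nconstructed EDI payload\r\n"


def sample_mdn(content: bytes, disposition: str = "processed") -> str:
    """Build the MDN fields a partner would return for `content` (constructed)."""
    return (
        f"Original-Message-ID: {SENT_ID}\n"
        f"Disposition: automatic-action/MDN-sent-automatically; {disposition}\n"
        f"Received-Content-MIC: {compute_mic(content, 'sha256')}, sha256\n"
    )


if __name__ == "__main__":
    print(check_mdn(sample_mdn(SENT_CONTENT), SENT_ID, SENT_CONTENT))
    print(check_mdn(sample_mdn(SENT_CONTENT + b"tampered"), SENT_ID, SENT_CONTENT))
```

An MDN that arrives but reports an error disposition or a mismatched digest is a failed delivery and should trigger an alert or a resend rather than being filed as a receipt.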

Sending and receiving AS2 messages

To send or receive an AS2 message, both parties need a few things: 

  • An AS2 identifier
  • A digitally signed certificate that has been exchanged with the other party
  • An AS2 station that contains the above information

We’ll explain each of these in more detail below. 

AS2 identifier

To send or receive messages, both the sender and receiver need an identifier that they share with the other party. Many organizations use a GLN number or a D-U-N-S number as their identifier because they are unique. 

A GLN is a unique 13-digit number that identifies a specific organization. The GLN identifies the legal entity, function, and both its digital and physical location. This means that if multiple business locations need to transmit AS2 messages, each physical address will need its own GLN number. GLNs are currently allocated by GS1. For more information, see their GLN page.

A D-U-N-S number (Data Universal Numbering System) is a similar concept. These unique 9-digit numbers are exclusive to US or Canadian Businesses, Apple or Google Developers, or an organization that needs a UFI (Unique Facility Identifier) to register with the FDA. D-U-N-S numbers are free to obtain. For more information on D-U-N-S numbers, see About D-U-N-S Number.

While unique identifiers like GLN and D-U-N-S are useful as AS2 identifiers because they are specific to organizations–and as a result are easy to use across various trading partners–the identifier doesn’t have to be unique. However, the identifier string used does have to be shared with trading partners in order to send/receive AS2 messages. 

AS2 digital certificates

A digital certificate proves the identity and validity of the AS2 message and the organization. Each AS2 digital certificate requires an encryption key, validity period, and information about the organization like the company name and domain name. 

The certificate will then need to be signed, either through a Certification Authority or by self-signing. Certificates signed by a Certification Authority are more secure, but many organizations use self-signed unless required by a trading partner. Many organizations use the same certificate across all AS2 transmissions.

After the certificate is issued, the organization will need to install it on their AS2-compatible software. From there, they should be able to make AS2 connections to send and receive messages, but it’s always worthwhile to test the connection first. 

AS2 Stations

An AS2 station is a set of components that identify an organization and allow it to send/receive AS2 messages. The AS2 station includes the AS2 identifier as well as a certificate. Most organizations have a single station used for all AS2 messages.

To transmit AS2 messages, an organization needs this information for each of its trading partners. Each trading partner will need a separate AS2 station configured. 

Once set up, individual AS2 message workflows can be configured to send and/or receive messages from trading partners. In most cases, these are EDI documents due to AS2 being the global standard for EDI. 

What is EDI?

EDI stands for Electronic Data Interchange, a method for machines to exchange data in a standardized format. Often, no human is involved in the process at all, so the messages need to be standardized so that machines can understand and parse them.

Because EDI is formatted for machines, it’s not meant to be human-readable, but machines can parse the information extremely quickly. This makes the process incredibly efficient, accurate, and versatile. EDI acts as a replacement for traditional paper-based documents, where documents would have to be manually retrieved and analyzed before deciding the next steps. All of this can happen in an instant with EDI. 

There are a few different EDI formats like EDIFACT, WebEDI, and HIPAA (X12), and trading partners agree on a standard that is then specified in the applications that generate EDI files. Each standard will have its own set of formatting rules and identifiers.

For example, the EDIFACT standard includes over 200 different document types. Each document will follow the same overall structure, but the specifics of how the message component is structured will vary by document type. This means that a JOBOFF (Job order message) and BALANC (Balance message) are both EDIFACT documents, but the identifiers and requirements of the message itself will be different. 

EDI documents are most commonly transmitted using AS2 and used for this purpose by businesses of all sizes around the world. 

AS2 in action

Many businesses use AS2 regularly as one of their main methods for sending EDI files between parties and systems. One of the most prominent users is Walmart, who have created their own EDI framework, RetailLink Global Enterprise Mailbox (GEM). Any supplier connecting to Walmart needs to use their GEM (or WebEDI for online only), which includes an AS2 setup component.

As the world’s largest retailer, Walmart holds a lot of sway in the market. Because they and other big players use AS2, it continues to stay relevant, especially in the EDI space. 

AS2 is used across different industries such as retail, manufacturing, logistics, and healthcare. Some industries even have their own specific standard such as ODETTE for the automotive industry in Europe.

Can you transfer non-EDI files over AS2?

Yes, AS2 messages don’t have to be used exclusively for EDI files. Files like CSV, XML, Text, and binary can all be sent with the AS2 protocol. However, EDI is the primary use because the AS2 protocol fits all the requirements of EDI messages. Those additional requirements, such as needing digital certificates and MDNs, make it less versatile than SFTP for typical file transfers.  

AS2 vs SFTP

AS2 and SFTP are both secure file transfer protocols, but run on different technologies and focus on different use cases. While technically it is possible to send AS2 messages unsigned and unencrypted, many pieces of software and trading partners require encryption. As mentioned above, AS2 is mostly used for sending and receiving EDI documents between trading partners.  

SFTP, on the other hand, is extremely versatile and used for exchanging business data, interdepartmental file sharing, syncing files, and many more situations, both for personal and business uses. Files are transferred over SSH, which is encrypted by nature, and additional encryption can be added as well. For more information on SFTP, see our article What is SFTP? 

In general, AS2 is ideal for transferring EDI documents or when an MDN is needed, while SFTP is suitable for general secure file transfers that don’t require an MDN.

Using AS2 with Couchdrop

Couchdrop functions as an AS2 server as well as an SFTP server, and you can set up AS2 connections in Couchdrop quickly. Couchdrop allows for both inbound and outbound AS2, which are configured slightly differently. 

Inbound AS2 is configured through the AS2 Stations tab. Fill out the required information for your own station, then the same for one or more Trading Partners. You can force messages from partners to be signed and/or encrypted, and also set File Actions when the station receives a file. In this context, File Actions will perform a series of actions to transform file data for the uploaded file such as renaming, encrypting, copying, etc. You can also set File Actions based on this station at a later time. 

See more details about configuring a Couchdrop AS2 station here

Outbound AS2 is configured as an Integration. Choose to add a new integration, then pick Outbound AS2. Fill out the information for the integration and your Trading Partner’s details and designate a name and a folder for the Outbound AS2 integration. Files uploaded to that folder will then be sent to the trading partner.  

Find out more about configuring Couchdrop outbound AS2 here

With either Outbound or Inbound AS2, you can have Couchdrop generate an email to send to your Trading Partners with connection instructions. Once connected, files received via AS2 can be used like any other type of file in Couchdrop, meaning you can automate transfers, move them between storage, and more.

Try Couchdrop for a simpler way to use AS2

Couchdrop is easy to use and quick to configure, whether you need to set up AS2, SFTP, Inboxes, or anything else Couchdrop can do. And since it’s completely in the cloud, there are no VMs to set up, config files, or infrastructure to worry about. Try Couchdrop free for 14 days by registering for a new account, with no credit card or sales demo required. Sign up now to get started