If you have worked with file transfer systems for any length of time, you might have heard of or even seen settings available which refer to AS2. Despite this protocol and its predecessor AS1 having existed since the 1990s, very few people know what it is or how it works.
In this blog we will take a look at AS2 and what it can be used for.
What is AS2 and What is it Used For?
AS2 (Applicability Statement 2) is a popular file transfer protocol that's used to transmit sensitive data securely and reliably over the internet, often between trading partners.
An upgrade of the original, aptly labelled AS1 protocol, which was created in the 1990s, AS2 supports the encryption of files (usually known as messages) that are then exchanged with trading partners using HTTPS.
AS2 is commonly found in EDI processes, where messages are often exchanged for the purpose of high-volume, automated ordering. It is, however, important to note that AS2 only acts as the method of transport for messages or files to an EDI system, and does not perform any processing of them itself.
What are the Benefits of AS2?
When comparing AS2 with other file transfer protocols such as SFTP, FTPS and HTTPS, you might wonder why AS2 is used at all. It does, however, have a number of benefits over and above these rival methods.
For example, it provides:
End-to-end encryption for sensitive files and content.
Authentication of both sender and recipient to ensure the two systems are who they claim to be.
Validation of file integrity, ensuring files are not corrupted or manipulated in transmission.
The ability to use MDNs or receipts to verify files have been successfully received and decrypted.
In addition, software and solutions which use AS2 can be certified by the Drummond Group as a testament to their conformance to the AS2 standard. This third-party validation means you can be sure a certified implementation of AS2 is a known, good solution.
How Does AS2 Work?
The steps for completing a transfer of a file between sender and recipient using AS2 are as follows:
Encrypt a file using a recipient's public SSL certificate and sign the file using the sender's private SSL certificate.
Specify the type and manner of MDN or receipt that the recipient should return.
Deliver the file to a recipient.
Decrypt a file using a recipient's private SSL certificate and confirm the signature of the sender using the sender's public SSL certificate.
Create an MDN delivery receipt signed with the recipient's private SSL certificate and containing a cryptographic hash of the file contents in order to prove that the recipient got the unaltered file.
Return the MDN to the sender.
Verify the MDN (against the recipient's public SSL certificate and the cryptographic hash) to absolutely prove that the recipient received the file.
The part that can differ is how the MDN or receipt is communicated back.
There are four types of MDN return:
Return Synchronous MDN via HTTPS (AS2 Sync): This option allows AS2 MDNs to be returned to AS2 message sender clients over the same HTTP connection they used to send the original message.
Return Asynchronous MDN via HTTPS (AS2 Async): This option allows AS2 MDNs to be returned to the AS2 message sender's server later over a different HTTP connection.
Return MDN via Email: This rarely-used option allows AS2 MDNs to be returned to AS2 senders via email rather than HTTP.
Do not return MDN: This option simply does not try to return an MDN to the AS2 sender.
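The hash check in the final verification step, as an added example that is not from the original post or from any AS2 product. It assumes the MDN's signature has already been verified, treats the signed content as opaque bytes, and uses the disposition field names from the AS2 MDN format (RFC 4130); the helper names, sample values and the SHA-2-only allow-list are choices made for this example.

```python
import base64
import hashlib
import hmac
from email.parser import HeaderParser

ALLOWED_ALGS = {"sha256", "sha384", "sha512"}  # policy choice of this example

def compute_mic(signed_bytes: bytes, alg: str = "sha256") -> str:
    """Base64 digest over the exact bytes the sender signed and sent."""
    return base64.b64encode(hashlib.new(alg, signed_bytes).digest()).decode()

def make_mdn_fields(message_id: str, received: bytes, status: str = "processed") -> str:
    """Recipient side: disposition fields for what was actually received."""
    return (f"Original-Message-ID: {message_id}\n"
            f"Disposition: automatic-action/MDN-sent-automatically; {status}\n"
            f"Received-Content-MIC: {compute_mic(received)}, sha256\n")

def check_mdn(fields_text: str, message_id: str, sent: bytes) -> tuple:
    """Sender side: return (ok, reason). Run only after the MDN signature
    has been verified; an unsigned or unverified MDN proves nothing."""
    fields = HeaderParser().parsestr(fields_text)
    if fields.get("Original-Message-ID", "").strip() != message_id:
        return False, "MDN refers to a different message"
    status = fields.get("Disposition", "").partition(";")[2].strip().lower()
    if status != "processed":
        return False, "recipient did not report clean processing"
    digest, _, alg = fields.get("Received-Content-MIC", "").partition(",")
    alg = alg.strip().lower().replace("-", "")  # accept "sha-256" spelling
    if alg not in ALLOWED_ALGS:
        return False, "missing or disallowed MIC algorithm"
    expected = compute_mic(sent, alg).encode()
    # Constant-time comparison of the reported and locally computed digests.
    if not hmac.compare_digest(digest.strip().encode(), expected):
        return False, "MIC mismatch"
    return True, "delivery confirmed"

# Constructed sample data (not from a real exchange).
MSG_ID = "<order-1001@sender.example>"
SENT = b"ISA*00*CONSTRUCTED-EDI-PAYLOAD~"

if __name__ == "__main__":
    print(check_mdn(make_mdn_fields(MSG_ID, SENT), MSG_ID, SENT))
    print(check_mdn(make_mdn_fields(MSG_ID, SENT + b"X"), MSG_ID, SENT))
    print(check_mdn(make_mdn_fields(MSG_ID, SENT, "processed/error: decryption-failed"), MSG_ID, SENT))
```

With the "Do not return MDN" option there is nothing to run this check against, so the sender has no cryptographic proof of receipt.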
How to Start Using AS2 File Transfers?
Whether your file transfer partners require you to send files using AS2 or you’re looking for an industry standard protocol to transmit files that meet regulatory compliance, it’s easy to implement AS2 into your networks.
Ipswitch MOVEit is an award-winning & Drummond certified secure managed file transfer solution that simplifies, audits, and automates any file transfers, including AS2, across a variety of environments - from cloud to on-premise.