EDI Expert Insights with Tom Guzik, Director of Digital Integration Services
Q: What is the difference between FTP and AS2?
A: The difference between File Transport Protocol (FTP) and Applicability Statement two (AS2), is that AS2 focuses mostly on securing the data load or the data file. It works with the encryption, digital certificates, secure socket layers and is focused on is making sure that data is so well encrypted that it can’t be read or tampered with. Whereas, FTP’s main focus is on securing the connection and transport channel, between you and the intended recipient. There, you find the data is almost like clear text, which can be read. So if someone were to look at the data, they could see everything that was in it. AS2 is providing encryption, so if you had bank information or you have certificate information on account numbers or dollar values for pricing, that’s very safe.
Now, both can be extended to add additional security features. So FTP, which is focused on the channel security, but not so much on the data, can have things added to it like VPN, which would provide more data security. AS2 is focused on the data security, but not so much on the channel. It can also be enhanced with secure socket layers, which would now provide that total encryption package.
One of the really good things about AS2 is that it provides a means of hashing a document or the data file so that, when it’s received, the integrity of the file is ensured and you know that it has not been tampered with during transport. So it provides that nonrepudiation. You know who sent it, you know it wasn’t tampered with. So of the two, both work fine. But if you’re looking at data that’s more sensitive and secure, you’ll probably want to use AS2. If you’re looking at just basic data that you want to send, nothing is really secure, FTP works just as fine.
If you have any questions or would like to learn more about IDEA Exchange contact Tom Guzik at email@example.com or contact the IDEA Exchange Support Solutions Team at firstname.lastname@example.org or call 833-214-5775.