In order to transfer files automatically and securely from one computer system to another, they need to adhere to certain protocols. Protocols are a set of universal rules that determine encryption, configuration and other specifications of the transferred data. There are numerous different kinds of protocols, each adapted to different data exchange technologies.
HTTPS (Hypertext Transfer Protocol Secure) is the secure version of HTTP, which is the actual Internet data standard and the protocol commonly used to transfer data from a user’s web browser to a website and back.
SSL encryption increases security of the data transfer. The major motive for HTTPS is website authentication which ensures the integrity and privacy of data sent over the Internet. This is especially crucial when users send sensitive information, such as when entering into a bank account, email service, or health-insurance provider.
AS (Applicability Statement) specifies Electronic Data Interchange (EDI) communications between businesses via email. The first version, AS1, was developed decades ago and is now obsolete, but it was revolutionary back in the day because it guaranteed security, authentication, message integrity, and privacy through encryption and digital signatures to emails. Most importantly, AS1 was the first protocol to provide certified legal proof when a recipient got an EDI message, making it impossible for the intended recipient to deny receiving it.
AS2 is a second-generation B2B messaging protocol used to securely transmit Electronic Data Interchange (EDI) documents from one organization to another via the Internet using HTTP/S. It was developed in 2002 to replace AS1 and is now the most common protocol to transfer data, used by millions of businesses worldwide, especially in retail and the consumer goods industry.
AS3 is an open-standards protocol promoting secure data transfer and application interoperability. Like AS1 and AS2 it specifies how applications securely exchange EDI data or other information, such as XML documents, over the Internet. AS3 was not created to replace older versions, the main difference is its use of FTP in order to enable FTP-centric businesses to use EDI communications.
The AS4 protocol is the latest of a series of B2B standards for data exchange and integration. Unlike AS2, AS4 has web service capability which gives it the opportunity to be used as a cloud-based communication standard. It is relatively economical, hence ideal for companies that do not have a large IT infrastructure.
FTP (File Transfer Protocol) is the oldest and most basic protocol used to transfer files over the Internet using a client-server process. The client asks the sever for the files and the server provides them. In addition to that, FTP is used to download programs and other files to your computer from other servers. However, FTP is not secure so it requires additional security layers for many data exchange scenarios between businesses. Security to FTP transactions is added mainly by using FTPS, SFTP, FTP via a VPN (virtual private network) or by encrypting FTP file transfers directly.
SFTP is basically FTP with the addition an extra security layer, Secure Shell (SSH). Thanks to the SSH layer, the message is encrypted while in transit and decrypted upon arrival. The client computer has to be authenticated by the server by password or key-based authentication. All commands and data are encrypted to prevent passwords and other sensitive information from being exposed to the network in plain text but SFTP doesn't provide non-repudiation, which makes it less suitable for many managed file transfer scenarios.
FTPS (FTP over SSL/TLS) adds security to the FTP protocol by a secure encryption layer (Secure Sockets Layer) to protect the data and instructions exchanged between client and server. It is similar to SFTP, both being encrypted, but does not provide non-repudiation. FTPS uses a user ID and password, a certificate, or both to authenticate your connection. FTPS has been known for issues with connecting through highly secure firewalls, due to the fact that it uses multiple ports. This can be avoided if the server hosting the FTPS service is running in passive mode. This moves some of the responsibility for firewall configuration from client-side to server-side. When a server is running in passive mode, the client is not required to set up complicated inbound firewall rules.
OFTP (Odette File Transfer Protocol) is a communications protocol designed for business-to-business document transmission, primarily in Europe's automotive sector. It is easy to use, yet incredibly efficient, allowing the exchange of big data files like CAD, using data compression and added security.
OFTP2 is the latest standard for securely sharing file data over the Internet. Initially developed for the European automotive industry, OFTP2 extended the reach of OFTP well beyond Europe and the automobile sector, now connecting trading partners across the globe, in various industries such as retail, white-label goods, manufacturing, government, transport, insurance, banking and many more.