Why retailers should prefer AS2 over emails

For small to medium scale retailers, the AS2 protocol is a much better alternative to emails for exchanging business critical documents with the trading partners.

05 May 2022 by Udith Gunaratna

When you are in the retail domain, either as a supplier or a buyer, you will need to exchange different documents such as purchase orders, shipping notices and invoices with your trading partners. Usually the small to medium scale retailers prefer to exchange these documents through emails. Although email is an easier and familiar way to exchange documents, it lacks the security and reliability features required for these types of business critical documents and is also vulnerable to simple user errors.

Did you know?
Data is most at risk on email, with 83% of organizations experiencing email data breaches

Alternatively, using a secure protocol such as AS2 (Applicability Statement 2) which is specifically designed for secure document exchange is highly recommended avoiding such pitfalls associated with regular emails. Therefore let’s look into some common issues associated with exchanging retail documents and see how AS2 protocol helps to avoid or minimize them in comparison to emails.

Deliverability Guarantees

Email deliverability is one of the most common concerns when it comes to exchanging documents via emails. For example, you will send an email containing a purchase order to your supplier and unless they replied saying they have received it, you may really not know whether it has reached them. On the other hand, the supplier will send an invoice to you, and you may not receive it due to some issue with an intermediate network. But the supplier who is not aware of that will be expecting you to pay the invoiced amount on time, and it can really put a dent on your trading relationship.

Sametime, most of the email service providers have tightened their spam rules and restrictions to mitigate spamming your inbox. This also makes it harder for organizations to create communications faster at first. For example, if your email contains only an attachment without any text, your email might go to a spam folder creating communication delays with your partners.

But if you have used AS2 protocol instead of emails for this, these issues will never arise. The reason is that AS2 protocol has an in-built mechanism called MDN (Message Disposition Notification), which acts as an acknowledgement for the receipt of a message. Basically when one party receives an AS2 message from another, the receiver sends back an MDN acknowledging that the message with this unique AS2 ID was received by them.

Therefore, in the 1st scenario mentioned above, if you have received a successful/positive MDN from your supplier’s AS2 system, you know for sure that the document has been received by them. The supplier also cannot deny that afterwards, because this MDN will contain a digital signature from their system. In the 2nd scenario, when the supplier has not received a positive MDN from you, they become aware that this message has not reached you, which they will resend. In case they claim that a particular document was sent to you, which you haven’t actually received, you can ask them to present the MDN your system should have sent back, which will resolve any disagreement or confusion.

Human Errors

The other common issue with emails is that people can make mistakes with the email addresses. For example, you or someone else from your team can make a slight typo on the receiver’s email address and send an important document to an unrelated party without being aware of it until it is too late. In case that document contained any confidential or sensitive information which was misused by this other party, this simple mistake can lead to more serious consequences and most probably you will end up in a court.

But if the AS2 protocol has been used, the possibility of this kind of error is next to none. AS2 protocol includes a pre-configuration stage involving both parties, and once it is completed, it is almost a fool-proof mechanism. Even if you have mistakenly sent an AS2 message to a wrong party (due to some URL misconfiguration), they won’t be able to read it as it can only be decrypted with the private key of the actual intended receiver.

Then why not AS2?

Then you may be wondering why most small to medium scale retailers are still reluctant to use AS2, but use less reliable emails. There are 3 main reasons.

  1. Cost - Using AS2 for document exchange needs special software that is capable of handling AS2 communication aspects. Most of the currently available such software are very expensive and also involves extra running costs (such as hosting costs etc.). These high costs are not bearable for the budgets of most small to medium retailers.
  2. Configuration complexity - As mentioned previously, setting up AS2 connectivity between 2 parties involves several configuration steps, where you need to exchange AS2 IDs, AS2 URLs and certificates with the trading partner. This can be an overwhelming task for someone who is not familiar with AS2 protocol and can lead to misconfigurations in many occasions.
  3. Software complexity - Most of the currently available AS2 software have been designed years ago and have very complex user interfaces. Most regular users are not familiar with these interfaces and often get confused and frustrated working with them.

Why MFT Gateway?

MFT Gateway by Aayu Technologies is one of the modern and cost-effective AS2 software available as a software as a service (SaaS) solution.

  1. Cost - Since MFT Gateway is a hosted solution, there are no running costs for you such as for hosting. You can simply register an account and start using AS2 even just now. On top of its 30-day free trial period, MFT Gateway offers a number of cost-effective subscription packages suitable for different message volumes, from which you can select the one best suited for your requirements and budget.
  2. Configuration complexity - Although MFT Gateway provides detailed documentation on configuring AS2 connectivity, it can still be a bit complex for someone who is new to AS2. But the MFT Gateway team, who are well versed in AS2 related matters, are always ready to assist you in setting up your AS2 connectivity for free of charge!
  3. Software complexity - Since MFT Gateway is a more modern software, its user interface is designed similar to an email client interface which you are already familiar with. Therefore, after the initial configurations, you can use MFT Gateway with ease similar to how you use your regular email client.

In addition, if you already have any ERP or back office systems, MFT Gateway can be integrated with them using a variety of methods including REST API, SFTP, Webhooks and AWS S3.