AS2 Encryption

The AS2 protocol implements encryption to protect the data that is transmitted across the internet between trading partners.

There are 2 methods of encryption available which means that, when both are used, AS2 transmissions can be considered to be "double encrypted".

Message Encryption

Message level encryption is implemented using S/MIME. S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public-key encryption and signing of MIME data.

The message, file, or document, is encrypted using your trading partner's public AS2 certificate, and digitally signed using your private AS2 certificate.

This ensures that only your trading partner can decrypt the message, file, or document, and that only you could have digitally signed it. It's this combination of encryption and signing that provides non-repudiation of the message, file, or document.

These encrypted payloads could be delivered using any method, including insecure methods, as only the recipient can decrypt the payload, similar to PGP/GPG encrypted payloads. However, the de-facto standard is to transmit these encrypted payloads over an encrypted HTTPS connection.

Transmission Encryption

Transmission level encryption is implemented using HTTPS (HTTP over a TLS/SSL encrypted connection).

The AS2 endpoint URL is encrypted with TLS/SSL using an AS2 endpoint SSL certificate. This ensures that all data transmitted to the endpoint is encrypted while in transit. Just like any other web site, the strength of the encryption is determined by the certificate and TLS/SSL ciphers being used.

The AS2 endpoint of your Files.com sites will use the same certificate and ciphers as your site's web portal (https://MYSITE.files.com) and custom domain.