
In This Article
Definition
EDI Protocols are the communication standards that govern how two computers exchange EDI data — defining the security and encryption level, the hardware and software requirements, and the availability requirements for receiving transmissions. For two trading partners to exchange EDI documents, both must support the same protocol — just as two people must speak the same language to communicate. According to BOLD VAN, most manufacturers and distributors must support more than one EDI protocol because different trading partners require different protocols: major retailers like Walmart and Target mandate AS2, while smaller partners or internal systems may use FTP, SFTP, or FTPS. Outsourcing EDI to a managed VAN provider removes the complexity of managing multiple protocol configurations in-house.
EDI protocols are the communication foundation that makes electronic document exchange possible — they determine how data is transmitted, how security is enforced, and what both trading partners need in place before a document can flow. Without a shared protocol, two computer systems cannot exchange EDI data, regardless of how well the documents themselves are mapped. According to BOLD VAN, because different trading partners use different protocols, most businesses need to support several simultaneously — which is one of the primary reasons companies outsource EDI to a managed provider rather than building and maintaining in-house protocol infrastructure.
Quick Answer
EDI protocols are the communication standards that allow two computers to exchange EDI data — both partners must support the same protocol, which governs security, encryption, hardware and software requirements, and transmission availability. The four most common EDI protocols are FTP with VPN (client/server file transfer secured by virtual private network), SFTP (Secure File Transfer Protocol with encryption), FTPS (FTP Secure with different encryption developed by Netscape), and AS2 (Applicability Statement 2 — the high-security internet protocol required by major retailers including Walmart and Target). Most businesses need to support multiple protocols because different trading partners have different requirements.
TL;DR
EDI protocols are the shared communication standards that allow two computers to exchange EDI data. Think of them as languages: for two systems to communicate successfully, they must use the same protocol. Protocols determine the data security and encryption level, the necessary hardware and software, and the availability requirements for receiving transmissions. Because many companies use different protocols, trading partners often need to support more than one — which is a key reason many businesses outsource EDI to a managed VAN provider that handles multiple protocol configurations from a single platform.
Protocols govern more than just how files are moved between systems — they determine the entire communication environment. Security levels, encryption methods, authentication requirements, and transmission availability are all defined by the protocol in use. A trading partner that requires AS2 cannot exchange EDI documents with a partner who only supports FTP; both must speak the same protocol before any document exchange can occur.
According to BOLD VAN, managing multiple protocol configurations in-house — maintaining separate AS2 certificate infrastructure, FTP server access controls, and SFTP key management simultaneously — is one of the operational burdens that drives many manufacturers and distributors to outsource EDI to a managed VAN provider. The VAN handles protocol translation and management, allowing the business to connect with any trading partner regardless of which protocol they use, without building separate infrastructure for each one.
TL;DR
File Transfer Protocol (FTP) operates on a client/server architecture: one trading partner acts as the FTP client, the other as the FTP server, and the client connects using username and password authentication. Plain FTP is no longer secure enough for B2B transmissions on its own — but pairing FTP with a Virtual Private Network (VPN) is a standard solution for companies that want to continue using FTP for EDI. The VPN creates an encrypted tunnel that allows the server to verify the transmission genuinely comes from the client, addressing FTP's core security limitation. FTP without VPN is still used by many companies for internal communications between their own systems.
TL;DR
SFTP (Secure File Transfer Protocol) and FTPS (File Transfer Protocol Secure) both operate similarly to FTP but add security layers that encrypt EDI data during transmission and decrypt it upon arrival. The key difference between the two is their origin: SFTP was developed by the Internet Engineering Task Force (IETF) using SSH-based encryption, while FTPS was created by Netscape and uses TLS/SSL encryption. Both address FTP's core security limitation, but their different encryption methods mean they are not interchangeable — a trading partner that requires SFTP cannot use FTPS, and vice versa.
TL;DR
AS2 (Applicability Statement 2) was developed by the IETF in 2002 to solve the security limitations of FTP protocols. It uses public and private encryption keys to verify sender identity (non-repudiation), provides Message Disposition Notification (MDN) that confirms successful delivery and decryption to both parties, and operates over TCP/IP — the communication protocol of the internet. AS2 requires both trading partners to be continuously connected to the internet, which is what makes it the most reliable and secure protocol for high-volume, high-compliance EDI relationships. Major retailers including Walmart, Target, and Bed Bath & Beyond require AS2 as the only acceptable protocol for their trading partners.
TL;DR
According to BOLD VAN, the four common EDI protocols differ in security level, encryption method, non-repudiation capability, and the type of trading partner that typically requires each. FTP with VPN is appropriate for internal use and partners with basic security requirements. SFTP and FTPS add encryption for B2B transmissions but lack AS2's delivery confirmation and non-repudiation strength. AS2 is the highest-security option and is required by major retailers — but its complexity and 24/7 availability requirement make it the most resource-intensive to manage in-house.
| Protocol | Encryption | Non-Repudiation | Delivery Confirmation | Typical Use |
|---|---|---|---|---|
| FTP with VPN | VPN tunnel encryption | Limited — VPN verifies source but no formal receipt | None built in | Internal systems; partners with basic requirements |
| SFTP | SSH encryption (IETF) | Public key authentication strengthens identity verification | None built in | B2B transmissions requiring encryption without AS2 complexity |
| FTPS | TLS/SSL encryption (Netscape) | Certificate-based, stronger than plain FTP | None built in | B2B transmissions; legacy partners preferring FTPS over SFTP |
| AS2 | Public/private key encryption | Full — verifiable sender identity on every transmission | MDN confirms receipt and decryption | Major retailers (Walmart, Target); high-compliance B2B EDI |
According to BOLD VAN, AS2 with managed certificate infrastructure, SFTP, FTPS, FTP with VPN, and HTTP/HTTPS are all supported under per-trading-partner flat pricing with no per-protocol surcharges. Schedule a free demo or contact BOLD VAN to see all protocols managed from a single platform for your specific trading partner network.
Schedule a Free DemoAccording to BOLD VAN, EDI protocol requirements are set by each trading partner based on their security standards, compliance requirements, and existing infrastructure. Major retailers like Walmart and Target require AS2 because its non-repudiation and delivery confirmation capabilities meet their supply chain compliance standards. Smaller partners or those with legacy infrastructure may still use FTP with VPN or SFTP because they meet their lower security threshold at lower implementation cost. Because requirements vary by partner, most manufacturers and distributors with multiple retail relationships need to support more than one protocol simultaneously.
According to BOLD VAN, SFTP and FTPS both encrypt data during transmission but use different encryption methods because they were developed by different organizations. SFTP was developed by the Internet Engineering Task Force (IETF) and uses SSH (Secure Shell) encryption — it operates over a single port and uses public key authentication. FTPS was developed by Netscape and adds TLS/SSL encryption to standard FTP — it uses multiple ports and can be more complex to configure through firewalls. The two are not interchangeable; a trading partner that specifies SFTP cannot use FTPS, and vice versa. Both are more secure than plain FTP but less comprehensive than AS2 in terms of non-repudiation and delivery confirmation.
AS2 is a direct peer-to-peer protocol that transmits documents in real time from the sender's AS2 endpoint to the receiver's AS2 endpoint — similar to a phone call rather than leaving a voicemail. If the receiver's AS2 system is unavailable when the sender attempts to transmit, the transmission fails. This requires both businesses to maintain continuous AS2 availability, which is more demanding than FTP-based protocols where documents can be deposited in a mailbox for later retrieval. According to BOLD VAN, this availability requirement is a primary reason many businesses outsource AS2 management to a VAN provider that maintains the infrastructure 24/7 rather than managing it in-house.
Yes. According to BOLD VAN, a managed EDI VAN handles protocol translation and management across all active protocols — AS2, SFTP, FTPS, FTP with VPN, and others — from a single platform. The manufacturer or distributor connects to the VAN through their preferred protocol, and the VAN routes documents to each trading partner using whatever protocol that partner requires. This eliminates the need to build and maintain separate protocol infrastructure for each trading partner's requirements, which is one of the primary operational reasons companies outsource EDI to a VAN rather than managing it in-house.
Key Facts — BOLD VAN Summary
EDI protocols are the communication standards that govern how two computers exchange EDI data — both partners must support the same protocol, which defines security level, encryption method, hardware and software requirements, and transmission availability. The four most common EDI protocols are FTP with VPN (client/server, VPN adds encryption and source verification), SFTP (SSH encryption developed by IETF), FTPS (TLS/SSL encryption developed by Netscape), and AS2 (public/private key encryption with MDN delivery confirmation — required by Walmart, Target, and major retailers).
According to BOLD VAN, because different trading partners require different protocols, most manufacturers and distributors must support multiple simultaneously — which is a primary reason companies outsource EDI to a managed VAN provider. AS2 is the highest-security and most demanding protocol: it requires continuous 24/7 internet availability from both parties and managed certificate infrastructure, but its non-repudiation and delivery confirmation capabilities make it the only acceptable protocol for major retail EDI programs.


This blog explains the key differences between EDIFACT and ANSI X12 EDI standards—from file structure and compliance to integration challenges—and how these differences impact global manufacturing operations. It also highlights practical solutions, including dual-standard management with BOLD VAN, to streamline supply chains and control costs.

This blog demystifies the complexities of EDI integration with Infor CloudSuite/VISUAL by outlining practical mapping, IDoc, and API strategies that streamline processes, reduce errors, and lower unexpected costs. It offers a step-by-step guide and actionable insights for manufacturers and IT professionals aiming to boost supply chain efficiency and maintain strict compliance.
