Sending EDI information over the Internet is highly cost-effective, but historically, the Internet is not viewed as a secure network. ACCPAC Exchange addresses the issue of security by complying with EDI-INT (EDI over the Internet) standards, which includes two levels of encryption standards - AS1 and AS2, both incorporating 128-bit data encryption, the same encryption method used in on-line banking. AS1 defines a set of parameters to which applications must comply in order to exchange secure EDI data over SMTP or POP. AS2 defines the exchange of secure EDI data over HTTP/HTTPS, including over SSL. Both AS1 and AS2 provide message level encryption using S/MIME and support signed acknowledgements.
In addition, ACCPAC Exchange provides non-repudiation, which means all EDI data is sent with a digital signature, is encrypted using dual-key security processing and is date-time stamped. With non-repudiation, the receiving trading partner is certain about the source of the transaction, thereby eliminating the risk of processing transactions from unauthorized trading partners. The digital certificate can be either obtained from external sources such as VeriSign or self-generated by ACCPAC Exchange communication software. Dual-key security processing involves signing of the EDI data using sender's private key and encrypting it using receiver's public key. The receiver then decrypts the EDI data using its private key and verifies the transaction using sender's public key.