'The safe, secure and auditable method for transferring data...'

With our software products in use with clients worldwide AdvanceFirst Technologies helps to manage the secure transport of sensitive trading documents for a wide range of clients in a multitude of environments.

Increasingly we are being asked to provide secure and fully auditable data transfer for our clients both for the internal and external transfer of data. This requirement cannot be satisfied with many transfer protocols such as FTP. To add to this, more recently, SOX, or specifically the Sarbanes Oxley Act of 2002, was enacted by the US Congress as a result of the Enron scandal. Companies headquartered in the US or those dealing with US firms must now comply with these regulations.

As a result of working with a number of our customers who are US Subsidiaries operating in Europe, we are increasingly meeting requests for assurances of our software’s compliance to SOX requirements.

To meet the stringent tracking and audit requirements of our clients AdvanceFirst have introduced a new protocol called ATP (Advance Transfer Protocol).

What is ATP?

A major design consideration of ATP was to guarantee the complete and accurate transfer of any type of data, with full error checking and end to end audit trails. Other file transfer protocols such as FTP do not have this functionality as part of their core design.

In addition to the file transfer functions, the ATP protocol from AdvanceFirst allows delivery information to be fed back to the sender. This allows each sender of data, be they another internal system or an external trading partner to log not just the successful delivery of a file to the recipient system, but the subsequent download of that data by the final recipient.

In this way a complete end-to-end audit trail of the file transfer can be maintained by the sender.

Audit logs

The audit logs that are maintained by the ATP client will contain at least the following 'header' level fields:

Direction
A code meaning 'Inbound' or 'Outbound'

Client-assigned ID
A unique reference assigned to the file by the ATP client.

File type
A code meaning 'EDI' or 'Binary'

Sender ID
A value that uniquely identifies the sender of the file

Recipient ID
A value that uniquely identifies the final recipient of the file

Server-assigned ID
The unique file ID assigned by the ATP server. This is used to associate feedback from the server with the correct entries in the audit log.

Current status
For outbound files, a code meaning 'Queued', 'Transferred', 'Mailboxed' or 'Collected'

For inbound files, a code meaning 'Received' or 'Imported'

At detail level, the fields would include:

Client-assigned ID
A unique reference assigned to the file by the ATP client. Used to associate a detail record with its parent header record.

Event type
A code meaning 'Status change' or 'Action'

Event sub-type
For 'Status change' events, this will contain of the codes used in the 'Current status' field of the header to record the status that the file became as a result of this event. For 'Action' events on outbound files, this will contain a code meaning 'File queued', 'File sent successfully', 'File send unsuccessfully', 'File mailboxed for collection by the recipient' or 'File collected by the recipient'

Event timestamp
The date and time that the event occurred.

In Summary

The ATP protocol provides complete integrity of data transfer from sender to recipient both within a business and between trading partners. It provides full error checking and a complete end-to-end audit for all users.

If you would like to know more about ATP please contact AdvanceFirst Technologies on +44 (0)1932 789 004 or send an email to support@advancefirst.com