Digital Certification Authority (LankaSign) / Overview
The Payment Industry in Sri Lanka has evolved towards greater efficiencies and customer centricities, which has resulted in high reliance on advance technology. The use of the Internet and electronic transactions has evolved rapidly in Sri Lanka facilitating greater customer convenience and attracting new customers, irrespective of their demographics. This is very evident by the high use of SLIPS (Sri Lanka Interbank Payment System) and other electronic payment systems and the growth in the use of Internet Banking.

Though advance technology brings about many advantages to financial institutions and its customers, it also brings in great risks of information security and electronic fraud. Therefore as the use of electronic payments (e-payments) increases, the need for advanced IT security infrastructure becomes critical in order to prevent the risks associated with information security and unauthorized access.

Authentication is a critical issue for users of electronic commerce. Banks must have confidence in the authenticity and the integrity of an electronic transaction received from another bank. This can be achieved through the use of Digital Signatures. Digital Signatures are aimed at achieving a higher level of trust where physical signatures are not possible. Digital signing helps the recipient of the electronic transaction to know with certainty that it was originated by the party who claims who they are and that no changes have been made after the transaction has been signed.

Recognizing this need the Central Bank of Sri Lanka requested LankaClear (Pvt.) Ltd. (LCPL) to be the financial sector Certification Service Provider (CSP). LCPL launched Sri Lanka's first Certification Authority under the brand name LANKASIGN in accordance with the Electronic Transaction Act, No.19 of 2006 on May-22-2009. A CSP is an authority on a network that issues and manages security credentials and public -private key pair's for message signing and encryption. As part of a public key infrastructure (PKI), a CSP checks with a Registration Authority (RA) to verify information provided by the requestor of a Digital Certificate. If the RA verifies the requestor's information, the CA can then issue a Digital Certificate that can be used for the purpose of signing and encrypting electronic transactions.

LANKASIGN in its first phase started providing digital certificates to Banks to be used in financial transaction clearing systems, such as SLIPS and CITS (Cheque Imaging and Truncation System), where the CA and Public Key Infrastructure (PKI) was made available on LCPL's Virtual Private Network (VPN). On 9th February 2011 LANKASIGN launched its second phase of providing digital certificates for all financial sector enterprise applications, SSL Certificates and end Users (E-mail/Document signing Certificates) on the public network. This adds great value to the financial sector in Sri Lanka as the digital certificates of LANKASIGN will save Banks valuable foreign exchange, which they currently incur by procuring Certificates from foreign CAs at a high cost, by providing a customer focused local service and reduce document management overhead associated with managing physical documents, as well as promoting a Green initiative.

LANKASIGN is not only a major achievement for the ICT industry in Sri Lanka, but will greatly encourage more institutions in the financial sector to adopt cost effective digital certificate based technology for greater information security for their transactions.
Quick Facts
    LankaSign Quick Facts
    • From When ? - 22nd May 2009
    • Legal Provision - in accordance with the Electronic Transactions Act No. 19 of 2006.
    • Products under LankaSign ? Secure Server Certificates
      • Digital Signature Certificates
      • Public Key Encryption Certificates
      • Secure E-mail Certificates
      • These Certificates are available for use in both the LCPL private networks and public domain
    • How Does Digital Signing and Encryption happens
    • What is SSL Certificate ?
      These are Server Certificates that are bound to an IP address that in combination with a SSL Web Server to attest the public server's identity, providing full authentication and enabling secure communication with customers and business partners.
    • What is Public Key Encryption ?
      Certificates that are bound to an identity of an individual or an organization to allow electronic data to be encrypted.
    • What is a Secure Email Certificate ?
      Certificates bound to an e-mail address which will allow owners of the certificates to digitally sign e-mails to ensure authenticity.
    • What is a Digital Signing Certificate ?
      Certificates bound to an identity of an individual or an organization to allow owners of the certificates to digitally sign digital objects (transactions or documents) to certify authenticity.
    • O/S & Applications supported
      • MS Win XP Pro (32 bit), MS Win 7 (32 & 64 bit)
      • MS Outlook 2003, 2007 & 2010
      • MS Outlook Express 6.0
      • MS Office 2003, 2007 & 2010(Lotus Motes 8.5
      • Mozilla Thunderbird (7.01 to 11.01)
      • Mozilla Firefox 10.0 to 17.0
      • Ubuntu 10.04 (32 bit)
      • Mozilla Thunderbird (3.1.20) mail client
      • Mozilla Firefox 3.6.23 browser
    • Benefits of PKI Integration
    • Data Integrity - Ensure not Altered
      • Greater data security
      • Trusted access
    • Secure migration to online systems from manual systems
    • Non-Repudiation - Sender Cannot Dispute
      Greater confidentiality by encrypting sensitive data