Digital Certification Authority (LankaSign) / Overview
The Payment Industry in Sri Lanka has evolved towards greater efficiencies and customer centricities, which has resulted in high reliance on advance technology. The use of the Internet and electronic transactions has evolved rapidly in Sri Lanka facilitating greater customer convenience and attracting new customers, irrespective of their demographics. This is very evident by the high use of SLIPS (Sri Lanka Interbank Payment System) and other electronic payment systems and the growth in the use of Internet Banking.
 
Though advance technology brings about many advantages to financial institutions and its customers, it also brings in great risks of information security and electronic fraud. Therefore as the use of electronic payments (e-payments) increases, the need for advanced IT security infrastructure becomes critical in order to prevent the risks associated with information security and unauthorized access.
 
Authentication is a critical issue for users of electronic commerce. Banks must have confidence in the authenticity and the integrity of an electronic transaction received from another bank. This can be achieved through the use of Digital Signatures. Digital Signatures are aimed at achieving a higher level of trust where physical signatures are not possible. Digital signing helps the recipient of the electronic transaction to know with certainty that it was originated by the party who claims who they are and that no changes have been made after the transaction has been signed.

Recognizing this need the Central Bank of Sri Lanka requested LankaClear (Pvt.) Ltd. (LCPL) to be the financial sector Certification Service Provider (CSP). LCPL launched Sri Lanka's first Certification Authority under the brand name LANKASIGN in accordance with the Electronic Transaction Act, No.19 of 2006 on May-22-2009. A CSP is an authority on a network that issues and manages security credentials and public -private key pair's for message signing and encryption. As part of a public key infrastructure (PKI), a CSP checks with a Registration Authority (RA) to verify information provided by the requestor of a Digital Certificate. If the RA verifies the requestor's information, the CA can then issue a Digital Certificate that can be used for the purpose of signing and encrypting electronic transactions.
 
LANKASIGN in its first phase started providing digital certificates to Banks to be used in financial transaction clearing systems, such as SLIPS and CITS (Cheque Imaging and Truncation System), where the CSP and Public Key Infrastructure (PKI) was made available on LCPL's Virtual Private Network (VPN).
 
On 9th February 2011 LANKASIGN launched its second phase of providing digital certificates for all financial sector enterprise applications, SSL Certificates and end Users (E-mail/Document signing Certificates) on both private and public networks. This adds great value to the financial sector in Sri Lanka as using digital certificates of LANKASIGN will save the country its valuable foreign exchange where the other alternative is to procurer Certificates from foreign CSPs at a much higher cost. With LANKASIGN’s expansion it is now providing a customer focused local service and solutions to reduce document management overheads associated with managing physical documents, as well as promoting Green initiatives.
 
Currently LANKASIGN is widely used in almost all financial sector organizations as well as few other sectors for automating their documentation process by digitally signing electronic copies of documents and adding high security for electronic documentation exchange process. By end of 2016 / 2017 financial year, LANKASIGN digital certificates are currently being used by;

a) 44 banking and financial sector organizations for clearing systems operated by LankaClear,  
 
b) Central Bank of Sri Lanka for CITS Online and SLIPS systems
 
c) Over 100 export oriented organization under the solutions given to Ceylon Chamber of
    Commerce & National Chamber of Exporters for digitizing the documentation process, 
 
d) Central Depository System (CDS) for digitizing its settlement schedules

As the next phase in their expansion plan, with a major upgrade to their system, LANKASIGN is now capable of providing digital certificates in real-time for mobile based payment applications for digitally signing and authenticating electronic documents. This has been enabled by a common API developed by LANKASIGN, which can be easily integrated with such mobile payment applications via a Software Development Kit (SDK) that is freely distributed to such developers.
Aligning with the Electronic Transaction Act, No.19 of 2006, LANKASIGN follows a stringent process on validating the certificate users and their respective organizations before issuing a digital certificate. Due to its high security standards, LANKASIGN was able to obtain certification on ISO 27001:2013 for its Information Security Management System in the year 2015.

LANKASIGN is not only a significant milestone in the ICT industry of Sri Lanka, but also encourages more institutions in all sectors to adopt cost effective digital certificate based technology to achieve a greater level of information security for all their electronic communications and transactions.
Quick Facts
    LankaSign Quick Facts
    • From When ? - 22nd May 2009
    • Legal Provision - in accordance with the Electronic Transactions Act No. 19 of 2006.
    • Products under LankaSign ? Secure Server Certificates
      • Digital Signature Certificates
      • Public Key Encryption Certificates
      • Secure E-mail Certificates
      • These Certificates are available for use in both the LCPL private networks and public domain
    • How Does Digital Signing and Encryption happens
    • What is SSL Certificate ?
      These are Server Certificates that are bound to an IP address that in combination with a SSL Web Server to attest the public server's identity, providing full authentication and enabling secure communication with customers and business partners.
    • What is Public Key Encryption ?
      Certificates that are bound to an identity of an individual or an organization to allow electronic data to be encrypted.
    • What is a Secure Email Certificate ?
      Certificates bound to an e-mail address which will allow owners of the certificates to digitally sign e-mails to ensure authenticity.
    • What is a Digital Signing Certificate ?
      Certificates bound to an identity of an individual or an organization to allow owners of the certificates to digitally sign digital objects (transactions or documents) to certify authenticity.
    • O/S & Applications supported
      • MS Win XP Pro (32 bit), MS Win 7 (32 & 64 bit)
      • MS Outlook 2003, 2007 & 2010
      • MS Outlook Express 6.0
      • MS Office 2003, 2007 & 2010(Lotus Motes 8.5
      • Mozilla Thunderbird (7.01 to 11.01)
      • Mozilla Firefox 10.0 to 17.0
      • Ubuntu 10.04 (32 bit)
      • Mozilla Thunderbird (3.1.20) mail client
      • Mozilla Firefox 3.6.23 browser
    • Benefits of PKI Integration
    • Data Integrity - Ensure not Altered
      • Greater data security
      • Trusted access
    • Secure migration to online systems from manual systems
    • Non-Repudiation - Sender Cannot Dispute
      Greater confidentiality by encrypting sensitive data