Lanka Clear

Notice to Our Valued Customers

In light of the coronavirus outbreak, we wish to inform our customer that we have facilitated below to provide convenience to you as much as possible and also as a measure to minimize travels which is a timely need of the country:

LankaSign CSP – Digital Certificates

For New Customers

Hard copies of corporate documents were accepted at LankaClear office at the BOC Tower, Colombo 1. Now the customers can submit scanned copies of corporate documents and the duly signed agreement online via our Helpdesk email.

Other conditions/requirements regarding the corporate documents and their due certification remain unchanged.

Ensure that all signatures and true copy sealing are in blue ink.

The duly executed agreement will be emailed to you via the same email address you have maintained to correspond with LankaClear.

Collection of the digital certificate, and the security token is from Lankaclear office in BOC Tower, Colombo 1.

For Existing Customers with Signed LankaSign Digital Certificates Subscriber Agreement
  1. For New Applications

    Hard copies of documents were accepted at LankaClear office at the BOC Tower, Colombo 1. Now the customers can submit scanned copies of new applications online via our Helpdesk email.

    Customers are encouraged to submit applications in advance due to the prevailing situation in the country.

    Collection of the digital certificate and the security token is from Lankaclear office in BOC Tower, Colombo 1.

  2. For Renewal Applications

    Hard copies of documents & security token were accepted at LankaClear office in BOC Tower. Now the customers can submit scanned copies of new applications online via LankaClear Helpdesk email and courier the security token.

    Helpdesk team will inform customers 30 days in advance of upcoming renewals. Customers are encouraged to submit applications in advance due to the prevailing situation in the country.

    Collection of the digital certificate and the security token is from our office in BOC Tower, Colombo 1.

    We’re actively working on moving the entire process online, i.e. to avoid the need for customers to physically submit & collect security tokens in which case the customer has the convenience of getting the digital certificate from home or office.

    Please visit https://www.lankaclear.com/knowledge-center/lankasign/ for more information.

Certificate Charges/Other Costs

There are no changes to applicable charges.

These Changes are in effect until further notice.
Thank you in advance for your corporation.

Overview and History

The Payment Industry in Sri Lanka has evolved towards greater efficiencies and customer centricities, which has resulted in high reliance on advance technology. The use of the Internet and electronic transactions has evolved rapidly in Sri Lanka facilitating greater customer convenience and attracting new customers, irrespective of their demographics. This is very evident by the high use of SLIPS (Sri Lanka Interbank Payment System) and other electronic payment systems and the growth in the use of Internet Banking.

Though advance technology brings about many advantages to financial institutions and its customers, it also brings in great risks of information security and electronic fraud. Therefore as the use of electronic payments (e-payments) increases, the need for advanced IT security infrastructure becomes critical in order to prevent the risks associated with information security and unauthorized access.

Authentication is a critical issue for users of electronic commerce. Banks must have confidence in the authenticity and the integrity of an electronic transaction received from another bank. This can be achieved through the use of Digital Signatures. Digital Signatures are aimed at achieving a higher level of trust where physical signatures are not possible. Digital signing helps the recipient of the electronic transaction to know with certainty that it was originated by the party who claims who they are and that no changes have been made after the transaction has been signed.

Recognizing this need the Central Bank of Sri Lanka requested LankaClear (Pvt.) Ltd. (LCPL) to be the financial sector Certification Service Provider (CSP). LCPL launched Sri Lanka's first Certification Authority under the brand name LankaSign in accordance with the Electronic Transaction Act, No.19 of 2006 on May-22-2009. A CSP is an authority on a network that issues and manages security credentials and public -private key pair's for message signing and encryption. As part of a public key infrastructure (PKI), a CSP checks with a Registration Authority (RA) to verify information provided by the requestor of a Digital Certificate. If the RA verifies the requestor's information, the CA can then issue a Digital Certificate that can be used for the purpose of signing and encrypting electronic transactions.

LankaSign in its first phase started providing digital certificates to Banks to be used in financial transaction clearing systems, such as SLIPS and CITS (Cheque Imaging and Truncation System), where the CSP and Public Key Infrastructure (PKI) was made available on LCPL's Virtual Private Network (VPN).

On 9th February 2011 LankaSign launched its second phase of providing digital certificates for all financial sector enterprise applications, SSL Certificates and end Users (E-mail/Document signing Certificates) on both private and public networks. This adds great value to the financial sector in Sri Lanka as using digital certificates of Lankasign will save the country its valuable foreign exchange where the other alternative is to procurer Certificates from foreign CSPs at a much higher cost. With LankaSign’s expansion it is now providing a customer focused local service and solutions to reduce document management overheads associated with managing physical documents, as well as promoting Green initiatives.

Currently LankaSign is widely used in almost all financial sector organizations as well as few other sectors for automating their documentation process by digitally signing electronic copies of documents and adding high security for electronic documentation exchange process. As the next phase in their expansion plan, with a major upgrade to their system, LankaSign is now capable of providing digital certificates in real-time for mobile based payment applications for digitally signing and authenticating electronic documents. This has been enabled by a common API developed by LankaSign, which can be easily integrated with such mobile payment applications via a Software Development Kit (SDK) that is freely distributed to such developers.

Aligning with the Electronic Transaction Act, No.19 of 2006, LankaSign follows a stringent process on validating the certificate users and their respective organizations before issuing a digital certificate. Due to its high security standards, LankaSign was able to obtain certification on ISO 27001:2013 for its Information Security Management System in the year 2015.

LankaSign is not only a significant milestone in the ICT industry of Sri Lanka, but also encourages more institutions in all sectors to adopt cost effective digital certificate based technology to achieve a greater level of information security for all their electronic communications and transactions.

All you need to know about LankaSign

  • LankaSign Introduction Video 01(clik here)

  • LankaSign Introduction Video 02(clik here)

  • LankaSign Presentation

  • Frequently Asked Questions (FAQs)

    1. Is digital signature recognized by Sri Lankan court of law?
    Yes, it’s launched according to Electronic Transactions Act of Sri Lanka.

    2. If a printout of the digitally signed document is given, can we verify whether it is digitally signed?
    No. The document MUST be in original soft form to verify the digital signature.

    3. Can a scanned document/image be digitally signed?
    Yes. Any document in soft form can be digitally signed.

    4. What will happen if I change a digitally signed document?
    The existing digital signature will not be valid anymore and it will be indicated that the document had been modified.

    5. What will happen if someone else changes the content of a digitally signed document?
    Original signature will not be valid anymore and it will be indicated that the document had been modified.

    6. Can I remove the digital signature from a document?
    No.

    7. What will happen if I give my USB token and disclose the PIN to a third person?
    He or She can (fraudulently) affix your digital signature

    8. How is digital signature different?
    Digital Signature is based on cryptographic technology which offers greater document security and signer authenticity. Each digital signature is unique to the signer and the document, you cannot copy and paste the signature from one document to another. If any changes are made to the document or the signature after signing is complete, this will be indicated in the document rendering the document invalid.

    9. Between electronic signature and digital signature, which one is recommended?
    There is some confusion regarding the difference between electronic and digital signature technology with people thinking the two are the same thing. However, the two signature types are different and it is important to understand how, otherwise your business could be exposed to additional risks. Digital signatures provide the necessary security controls and hence is the recommended solution.

    10. What will happen if I give my USB token and disclose the PIN to a third person?
    He or She can (fraudulently) affix your digital signature

    11. What shall I do if I lose my USB token?
    Immediately notify your organization and CSP (LankaClear Helpdesk)

    12. What shall I do if I forget my PIN?
    Contact your CSP to re-set your PIN

    13. What will happen if I try a wrong PIN multiple times or try the Admin PIN?
    Security token PIN is known only to the user. If the user forgets the PIN by any chance, they can only attempt an incorrect PIN a limited number of times. After that the token gets locked and can only be unlocked by using an admin PIN after sending to LankaClear. Admin PIN is only for use of LankaClear. If the user attempts the admin PIN incorrectly, the security token will be permanently locked and unusable. This is intended behavior to ensure the security of digital certificate, so that it cannot be misused.

    14. What shall I do if someone else gets to know my PIN?
    Change your PIN

    15. Do I need to change my PIN after receiving it from CSP?
    Yes, it is recommended.

    16. Can I take printouts of digitally signed documents and store them?
    Cannot verify the digital signature validity if it is stored in printed format. It must be stored in electronic format to be able to validate same.

    17. What is the benefit of storing the digitally signed document?
    Saves paper, saves space, cannot do unauthorized changes, very convenient and saves time

    18. How can I obtain a digital certificate?
    It should be obtained from an authorized/licensed Certification Serviced Provider (CSP) in Sri Lanka.

    19. Can I use your digital certificates to automate my document management system or other workflow system?
    Yes, you can. We will provide the digital certificates and general guidelines.

    20. What is the recommended use of digital certificates within an automated system?
    The certificates can be used in anyway within the application the developer and product owners wishes at the discretion of developer and product owners as per product, compliance, legal and other requirements as long as such functions does not violate rules and regulations of LankaSign CSP. LankaSign provides only the certificates and related token driver software and does not provide any other software/application related services or support.

    21. What are some generic test case that can be used on my automated system?
    A general recommendation or test cases for use of certificates is provided below and the developers and product owners are advised to refer to all relevant LankaSign policies and procedure manuals for guidance in this regard.

      I. Ensure correct certificate extension is used
      II. Ensure Certificate Type is correct, i.e. SSL, Email Signing, Code Signing, etc.
      III. Ensure only the minimum required functionality is included in Key Usage and Extended Key Usage
      IV. Ensure certificate validations using OSCP/CRL is done to confirm the validity of the certificate prior to use of the certificate for any function/operation
      V. Check the need for any Special Attributes within the certificate
      VI. Ensure the Key Size is correct and as per requirement
      VII. Ensure the Issuer is LankaSign CSP

    22. How is my digital certificate provided to me?
    It is provided in a security token which can be plugged to the USB port.

    23. What’s the cost to obtain a digital certificate?
    The security token is a one-time purchase and the digital certificate needs to be annually renewed. The security token and digital certificate should be purchased per user.

    24. Why should I choose LankaSign CSP?
    LankaSign is Sri Lanka’s first and the only Certification Authority established in accordance with the Electronic Transaction Act, No.19 of 2006 on May-22-2009. LankaSign complies with all the international requirements for commercial Certification Service Provider facilities along with ISO 27001:2013 certification.

    25. How should I proceed to obtain a digital certificate from you?
    Please refer to our How to Obtain Digital Certificates section for all necessary instructions and reach out to our helpdesk on helpdesk@lankaclear.com or 0112356999.

Services Offered

  • Document/Email Signing Certificates
  • SSL Server Certificates
  • Application Certificates

**LankaSign digital certificates are not automatically trusted by internet browsers and other applications and requires manual installation and trust enforcements.

**iPadOS, IOS, Android & other mobile operating systems are not supported natively, however workarounds may be available. Please reach out to our Helpdesk for more information.

How does digital signing and encryption happen?

How To Obtain Digital Certificates & Start Using Them (From The Convenience Of Your Home/Office)

Please click on each step for detailed guidelines.


Please reach out to helpdesk@lankaclear.com / 011 2356999 for any inquiries or support.
Support guideline
Guidelines for Email Signing & Encryption

Additional Steps For Sri Lanka Customs


Scope

The scope is to provide digital certificates to participating entities of Asycuda System on behalf of Sri Lanka Customs. LankaClear has come up with a clearly defined on boarding process on how to obtain digital certificates and how to start using them.

Additional Steps Required for Sri Lanka Customs
  1. Upload digital signatures to Asycuda system
  2. Upload Signed documents to Asycuda system

LankaSign – Summary Certification Practice Statement & LankaSign – Summary Certificate Policy

goto top