Home / IT / Telecom / Tech/ Epic Lanka first Sri Lankan software house to earn PCI 3DS certification

Epic Lanka first Sri Lankan software house to earn PCI 3DS certification

Comments / {{hitsCtrl.values.hits}} Views / Thursday, 22 August 2019 00:26

From left: Manager Compliance and Support Saminda Jayawardena, Director/Group Chief Technology Officer Krishan Jayawardena, Epic Lanka Managing Director/CEO Viraj Mudalige, receiving the PCI3DS certificate from (SAARC)-SISA Manager Sales Abhijeet Singh, SISA India Senior Executive Business Development Balaji EM, and Epic Lanka Senior Vice President Sanjeeva Perera

Epic Lanka Ltd. has received the coveted PCI 3DS (Payment Card Industry 3 Domain Secure) certification from SISA Information Security, a qualified security assessor headquartered in India. The PCI 3DS certification is yet another first for the company as it becomes the first ever Sri Lankan software house to receive this globally renowned certification. 

PCI 3DS is a globally accepted security standard that provides a framework for better data integrity and confidentiality – two of the three pillars of information security. This certification will serve as a major step in minimising chargeback and fraud risks for online and mobile card payment transactions at banks and financial institutions. In an era where customers are ever on the look-out for more convenient methods of carrying out their day-to-day transactions, banks and other financial institutes are compelled to find the balance between speedy transaction processing and security of transactions. With the advancements in the e-commerce and m-commerce arena, customers are now moving more towards the convenience of purchasing their goods and services online. The growth in the tourism industry in Sri Lanka has also had an impact on the increase in the acquiring business.

Leveraging on this tendency, a majority of merchants, from books to groceries to clothing, are now offering their products and services online. While many of these merchants accept cash-on-delivery, customer preference is rapidly moving towards using credit/debit cards for online payments. In recent times, however, there has been a rapid rise in card-not-present (CNP) transactions. 

Due to the inherent risks of the customer not being present at the merchant location during the transaction, acquirer banks are facing the threat of CNP frauds. When it comes to transactions done through foreign cards used by tourists, the financial risk for the Sri Lankan acquirers is higher and at times inevitable.

3-D Secure (3DS) provides the solution for CNP risks as well as conventional card payments, where the liability of customer authorisation of transactions is passed to the issuer bank. 3DS functions as a messaging protocol that enables customers to authenticate themselves with their card issuer when making cardless transactions in e-commerce and m-commerce purchases. The three domains consist of the acquirer domain, issuer domain, and the interoperability domain (e.g. payment systems). The additional security layer helps prevent unauthorised CNP transactions and protects the merchant from CNP exposure and fraud. 

Having been in business for over 20 years, Epic has earned a position as one of the strongest software brands in the Sri Lankan IT industry with domain expertise in Fintech solutions. Epic has obtained some of the most recognised compliance certifications in the world and lived up to its corporate values that encompass trust, ethics, commitment and innovation. 

Epic has hosted this technological advancement at their premises, thereby enabling banks and financial institutes to focus on their customers’ transactional and banking needs instead of having to ensure the availability of domain expertise. 

This further reduces the high investments that banks and financial institutes would be required to make on hardware and other related software for enabling 3DS in-house. With this, Epic intends to lessen the burden on banks and financial institutes to ensure the security of online transactions by handling the entire CNP transaction processing arena on a software-as-a-service model. Epic aims to initially focus on the Sri Lankan banking industry and gradually expand to the region and global operations in stages.

Epic Lanka Managing Director/Chief Executive Officer Viraj Mudalige said, “To become the first company in the country to achieve this certification demonstrates our commitment towards developing robust mechanisms in securing our customers’ sensitive data environments. Our technical advancement in transaction monitoring and futuristic approach enabled us to contribute to our country’s security system. Coordination between our teams and the support of SISA made it possible. We plan to strengthen the Sri Lankan payment systems and assist the banking industry to more effectively focus on their business objectives. It is expected to eventually expand this service to a global level, thereby positioning Sri Lanka as a secure payment facilitator.” 

Epic 3D Secure ACS Solution is the only hosted system in Sri Lanka with PCI 3DS, PCI DSS, PA DSS, and ISO27001 certifications. 


Share This Article

Facebook Twitter


1. All comments will be moderated by the Daily FT Web Editor.

2. Comments that are abusive, obscene, incendiary, defamatory or irrelevant will not be published.

3. We may remove hyperlinks within comments.

4. Kindly use a genuine email ID and provide your name.

5. Spamming the comments section under different user names may result in being blacklisted.


Today's Columnists

Withering of expectations and prospects of new ones

Friday, 21 February 2020

The election of Gotabaya Rajapaksa as President at the last Presidential Election can be said to have been the ultimate wish of the majority of Sinhala Buddhist people. Yet, the people were not aware that the President they were electing does not hav

Upsurge of populism

Friday, 21 February 2020

“Populism: denies the pluralism of contemporary societies. It promotes hostility to “enemies” and flirts with violence. It is generally gripped by a territorial mentality that prioritises borders and nation states against ‘foreigners’ and

Diplomatic drone strike, Indo-Lanka equation and constitutional change

Thursday, 20 February 2020

The ‘diplomatic drone strike’, the dramatic US strictures against the Army Commander, Lt. Gen. Shavendra Silva, tells us that Big Brother IS watching. This isn’t the usual suspects, its way out of their league. This is the Big League, the big b

Solar and wind power can resolve electricity crisis, early and cheaper, if allowed

Thursday, 20 February 2020

The country is facing the worst power situation in the history, with electricity generation being unable to meet the demand, with generation costs among the most expensive in the world. With the current scenario, the country cannot be expected to com

Columnists More