JCB certifies Epic as first ACS Operator for J/Secure 2.0 in South Asia

Epic Lanka Managing Director/Chief Executive Officer Viraj Mudalige

Epic Lanka Ltd., the pioneer in the fintech domain providing secure electronic payment automation, information systems security and mobile enterprise automation solutions in Sri Lanka, has been granted the ACS (Access

Control Server) Operator certification as a Third Party Provider (TPP) for J/Secure 2.0 by Japan Credit Bureau (JCB), a leading global payment scheme. 

In addition to being the only locally developed ACS provider in Sri Lanka, Epic is the first certified ACS Operator as a Third-Party Provider for J/Secure 2.0 in South Asia, marking yet another first in its history of fintech innovations. Epic also has the distinction of being the first company in the world to be certified with EMVCo 3DS 2.2 certification and the first-ever Sri Lanka-based vendor to be certified by Visa, Mastercard and American Express for its 3D Secure ACS solution. 

Epic 3D ACS is a holistic security platform to combat frauds during Card-Not-Present (CNP) transactions. The latest version processes transactions in a frictionless manner by devising an intelligent risk-based decision scheme that decides if authentication is required or not. The authentication occurs in the backend without inconveniencing the customer. Epic 3D ACS is deployed and operational on Epic’s fully audited, PCI- DSS/PCI-3DS compliant and ISO 27001 certified infrastructure. 

The solution incudes several enhanced authentication features to offer a seamless payment experience for Sri Lankans, including real-time user authentication and before-payment authorisation. These features help shift the liability from the acquirer to the issuer, prevent unnecessary financial losses for merchants and build confidence for financial institutions to issue and acquire cards. 

Speaking on this historic achievement, Epic Lanka Ltd. Managing Director/Chief Executive Officer Viraj Mudalige said: “Since our inception, we at Epic have always tried to raise the bar and set new standards for local ICT companies. With the pandemic almost forcing people to adopt to non-cash transactions, card fraud has become a major concern and should not be taken lightly. Our ACS solution provides a complete solution to tackle this issue with state-of-the-art AI driven authentication. We are immensely proud to have been certified by JCB as the first South Asian ACS provider, which also gave us international publicity in leading news sites such as Bloomberg.”

Epic has been the leading fintech solutions provider for over two decades in Sri Lanka and has introduced internationally certified and award-winning security encryption systems to the APAC region. Some of Epic’s major innovations include a single integrated hub to drive multiple front-end touchpoints through its Omni-Channel Synchroniser (OCS), a national Terminal Line Encryption (TLE) security framework to combat credit card frauds, introduction of the first inter-bank payment system in Sri Lanka, powering Sri Lanka’s first digital bank which was ranked amongst the top 30 Best Digital Financial Service Providers in the Asia Pacific, Middle East and Africa and becoming the first company in the Asian region to rollout the concept of Branchless Banking to tackle Financial Inclusion.

J/Secure 2.0, JCB brand's 3D secure authentication solution that is expanding globally, is fully compliant with standards and supported by major global suppliers of 3DS Server, ACS, and Directory EMVCo Server. The ACS Operator certification granted to Epic will provide more opportunity to the JCB Issuers for secure e-commerce transactions. The ACS functions and characteristics supported by Epic include 3RI, ACS Attempt, Acquirer and Decoupled Authentication.