Chathuranga Gunatillake - Senior Information Security Engineer- TechCERT, Nalinda Herath - Lead Security Engineer- TechCERT, Dileepa Lathsara – CEO – TechCERT, Gimali Soysa – Chief Manager- FinTech, Sonali Nonis- Unit Manager- Quality Systems, Geeth Sameera- Specialist- Information Security, Ashitha Kandambige-Specialist- DS & VAS Services, Dialog Axiata PLC

Genie platform offered by Dialog Axiata PLC, Sri Lanka’s premier connectivity provider, was re-certified the coveted Payment Card Industry Data Security Standard (PCI DSS) Version 3.2.1 for the 4th consecutive year from Qualified Security Assessor (QSA) SISA Information Security together with TechCERT, the local consultant and the technical service provider. PCI DSS ensures the security of cardholder data for credit/debit cards from major card schemes by preventing frauds and data breaches. This is achieved by enforcing leading security controls over the storage, transmission, and processing of cardholder data.

Commenting on this milestone achieved, Renuka Fernando, Chief Digital Services Officer of Dialog Axiata PLC stated, “At Genie, security is placed at top-priority and over the years, we have endeavoured to provide our customers with greater convenience through innovative digital solutions whilst also ensuring that steps are taken to uphold and maintain their privacy and security. On this, Genie will remain committed to providing a secure and convenient transaction platform to enable and enhance Sri Lanka’s digital payment landscape”


PCI DSS is the global data security standard adopted by the payment card brands for all entities that process, store or transmit cardholder data and/or sensitive authentication data. Administered by the PCI Security Standard Council, it has 12 essential security compliance requirements which fall into six categories. These categories are; build and maintain a secure network, protect cardholder data, maintain a vulnerability management programme, implement strong access control measures, regularly monitor and test networks, and maintain an information security policy. This set of standards have been developed over time in an ever-evolving security landscape and are intended to provide merchants, financial institutions and customers’ peace of mind.


Genie is Sri Lanka’s first and only PCI-DSS certified mobile payment application and allows users to add their Visa/Mastercard, Current/Savings Account or eZ Cash account as payment options to the app to make remote payments, in-app payments, over-the-counter payments (OTC via QR Code) at 12,000+ merchant points and conduct online payments more safely and conveniently.


As COVID-19 accelerated digital transformation and further enforced the need for tighter cyber-security, Genie met these emerging needs head-on. Most recently, Genie enhanced their e-payment security model with the adoption of tokenization technology (replacing sensitive information with a random string of unique characters called “tokens”) and 3D Secure (a simple 3-step verification process) to combat cyber fraud. Additionally, Genie was instrumental in creating avenues of cashless payment transactions in the country, abiding by national social distancing efforts during the pandemic, through partnerships with Eat Me Global App and to deliver essential items to customers. Pay by Genie further extended its seamless service to the education sector and healthcare sector to secure academic payments and doctor bookings digitally.


Dialog has been at the forefront of innovation in the mobile industry in Sri Lanka as well as in the region, propelling the nation’s mobile telecommunications infrastructure to a level of advancement on par with the more developed world. Dialog Axiata PLC has the distinction of being the first mobile operator in Sri Lanka to be awarded a mobile payments license by the Central Bank of Sri Lanka, based on which it operates eZ Cash, the country’s pioneering mobile money service.


Please enter your comment!
Please enter your name here