Version 1.0 & Version 1.1

Difference Between Malaysia e-Invoice API Version 1.0 and Version 1.1

Malaysia’s e-Invoicing system, managed by the Inland Revenue Board (LHDN), supports two versions of the API for system integration: Version 1.0 and Version 1.1. The core functionality between both versions remains the same, but there is a key difference in how each version handles authentication and data security through digital certificates.

Version 1.0

Version 1.0 uses a self-signed certificate for establishing secure communication between the taxpayer’s system and the LHDN’s e-Invoice platform. A self-signed certificate is created and signed by the organization itself without the involvement of any third-party certification authority. This version is typically more flexible and easier to implement, particularly during development or testing phases. Since the certificate is not validated by an external body, it offers only basic encryption and does not establish verified trust with LHDN's servers.

Version 1.1

Version 1.1, on the other hand, introduces an additional layer of security and trust. It requires a Certificate Authority (CA)-signed digital certificate. This certificate must be obtained from an LHDN-approved certificate authority, such as POS Digicert or MSC Trustgate. The CA certificate provides both encryption and validation, confirming that the certificate originates from a trusted external source. Once obtained, this certificate must be uploaded into the LHDN’s e-Invoice API integration settings page. This step is mandatory for successful connection and communication using Version 1.1.

Discard
Save
Draft
Was this article helpful?
Edit Page New Page Revisions Page Settings

Previous Page

Left

Next Page

Right

On this page

Review Changes ← Back to Content
Message Status Space Raised By Last update on