BOSTON, MA — (Marketwired) — 12/04/14 — GMO GlobalSign, Inc. (), a leading global Certificate Authority (CA) and a provider of identity and security services for commerce, communications, content and communities, today announced it will begin offering Extended Validation (EV) Code Signing Certificates. EV Code Signing Certificates build on the existing benefits of standard Code Signing Certificates to provide stronger reassurance to end users that the publisher is correct and has been verified.
Like standard Code Signing, EV Code Signing allows developers to digitally sign the applications and software they distribute over the Internet. The difference entails stronger levels of assurance and key protection adhering to strict guidelines set by the CA/Browser Forum and Microsoft Corp. Security enhancement for EV Code Signing include:
Expanded Identity Verification: In addition to the publisher–s name, which is verified for standard Code Signing Certificates, other information about the publisher, such as physical address and type of organization, are validated. This thorough verification process makes it much more difficult for distributors of malware to impersonate and obtain a code signing credential to use for signing and distributing malware under the guise of legitimate development company.
Two-factor authentication: While regular Code Signing Certificates can reside locally on a developer–s machine, EV Code Signing Certificates must be stored on cryptographic tokens. Using physical two-factor authentication reduces the risk that the certificate can be stolen or copied and used to distribute malicious software under the identity of the actual certificate holder.
“Now more than ever, the Internet needs safeguards in place to help reassure end users that the software they are downloading is safe,” said Lila Kee, chief product officer, GlobalSign. “Malware distributors have become increasingly savvy with new ways to circumvent browsers and operating system installers using falsified or stolen signing certificates. GlobalSign is adding EV Code Signing Certificates to its portfolio to ensure our customers and developers alike have availability to the strongest authentication and security practices out in the market today to protect not only their code, but also their identity and reputation.”
Through its collaboration with Microsoft, GlobalSign EV Code Signing Certificates offer additional benefits to developers who distribute code for Windows 8 and Internet Explorer versions 9.0 and above. Microsoft SmartScreen uses information about an application–s reputation to warn end users if the application isn–t well known and might be malicious. Using an EV Code Signing Certificate establishes immediate reputation with SmartScreen, so no alarming warning messages will be presented to the downloader.
“We are pleased to continue to support the certificate authority industry–s introduction of Extended Validation Code Signing Certificates as a step forward to help ensure developer identity, code signing security and user safety,” said John Scarrow, General Manager of Safety Services, Microsoft. “These certificates provide deep verification of developer identity and, in addition, require a hardware element to further secure the code signing process. Given these advances, EV-signed applications can immediately establish reputation with Microsoft SmartScreen Application Reputation services.”
GlobalSign EV Code Signing certificates start at $410 for a one year certificate and are available at . A GlobalSign-furnished USB token is included and discounts are available for multi-year certificates.
For additional information about GlobalSign Code Signing certificates, please visit .
GlobalSign () has been a trust service provider since 1996 with a singular focus on providing convenient and highly productive PKI solutions for organizations of all sizes. Its Digital Certificate solutions allow billions of customers worldwide to conduct SSL-secured transactions with authenticated businesses, transfer data, distribute tamper-proof code, and protect online identities for secure email and access control. The company has local offices in the US, Europe and throughout Asia. For the latest news on GlobalSign visit or follow GlobalSign on Twitter (@globalsign).
GMO Internet Group is a comprehensive provider of industry-leading Internet solutions including domain name registration, cloud-based and traditional hosting, ecommerce, security, and payment processing services that each hold the top share of their respective markets in Japan. Other key business areas for the Group include online securities/FX trading, Internet advertising, search engine marketing, and smartphone game development and publishing. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan. For more information please visit: .
You must be logged in to post a comment Login