EV Code Signing Certificates

Increase customer confidence and download rates

Digitally signing your applications and code with a code signing certificate is the best way to reassure end users that your code is safe to download and not malicious. However,distributors of malware have become increasingly savvy and discovered ways to circumvent browser and operating system application installers and download checks using stolen or falsified acquired code signing certificates.

Addressing weak verification and key protection

EV Code Signing addresses two of the most commonly used vulnerabilities malware developers leverage to spread their malicious code - weak identity verification processes and poor private key protection.

  • Strict vetting process - Applicants for EV Code Signing certificates go through a more rigorous application process than regular code signing certificates. In addition to verifying the publisher’s organization name, other corporate information, such as physical address and jurisdiction, are vetted.  This thorough verification process makes it much more difficult for malware developers to impersonate and obtain a code signing credential to use for signing malware under the guise of a legitimate development company.
  • Certificate stored on USB token - Unlike regular code signing certificates that reside locally on a developer’s machine, EV Code Signing certificates are stored on cryptographic tokens.  This makes it much harder for a malicious party to copy or steal the private signing key and use it to distribute malicious software under the identity the actual certificate holder.

Immediate Reputation with Microsoft SmartScreen Filter

Microsoft SmartScreen uses information about an application's reputation to warn end users if an application isnt' well known and might be malicious. Beginning with Internet Exploerer 9.0 and Windows 8, applications signed with an EV Code Signing certificate have immediate reputation established so no alarming warnings will be presented to the downloader.

windows8-smartscreen-warning.jpg smartscreen-ie-warning3.jpg
Example Window 8 SmartScreen Warning Example IE9 SmartScreen Warning
Next Steps

Purchase an EV Code Signing Certificate