Extended Validation (EV) Code Signing Certificates

Increase customer confidence & download rates

SHOP NOW

Increase customer confidence and download rates

EV Code Signing Certificates combine all the benefits of regular code signing plus additional features including:

  • Company address and organization type displayed in the certificate
  • Time stamping, signature does not expire once certificate expires
  • Certificate stored on a hardware token for two-factor authentication
  • Immediate reputation with Microsoft SmartScreen
  • Required to access the Windows Hardware Development Center Dashboard Portal

Exclusive GlobalSign Features

  • Digitally sign an unlimited number of apps with a single certificate

  • Access to GlobalSign's superior support

  • Compatible with major platforms (Authenticode, Office VBA, Java, Adobe AIR, Mac OS, Mozilla)

Addressing weak verification and key protection

EV Code Signing addresses two of the most commonly used vulnerabilities malware developers leverage to spread their malicious code - weak identity verification processes and poor private key protection.

  • Strict vetting process - Applicants for EV Code Signing certificates go through a more rigorous application process than regular code signing certificates. In addition to verifying the publisher's organization name, other corporate information, such as physical address and jurisdiction, are vetted. This thorough verification process makes it much more difficult for malware developers to impersonate and obtain a code signing credential to use for signing malware under the guise of a legitimate development company.

  • Certificate stored on USB token - Unlike regular code signing certificates that reside locally on a developer's machine, all GlobalSign Code Signing certificates are stored on cryptographic tokens. This makes it much more difficult for a malicious party to copy or steal the private key and use it to sign malicious software under the identity of the actual certificate holder.

Immediate Reputation with Microsoft SmartScreen Filter

Microsoft SmartScreen uses information about an application's reputation to warn end users if an application isn't well known and might be malicious. Beginning with Internet Explorer 9.0 and Windows 8, applications signed with an EV code signing certificate have immediate reputation established so no alarming warnings will be presented when downloading.

Smartscreen warning

Windows 8 Warning

 

Multiple Platform Support

GlobalSign Code Signing Certificates support multiple platforms using the same certificate.


Standard vs. EV Code Signing Certificates

EV Code Signing certificates build on the existing benefits of standard Code Signing certificates to offer stronger levels of assurance that the identity of the publisher is correct and has been verified.

  • Strict vetting process assures end users that the identity of the publisher has been verified
  • Immediate reputation with Microsoft SmartScreen Filter removes scary warning messages to end users that the application might be malicious