GlobalSign News & Events

4 December 2014

GlobalSign Provides Stronger Identity and Authentication Services for Developers with Extended Validation Code Signing Certificates

New product helps protect developers from malicious impersonators, protects signing credential, and establishes immediate reputation in Microsoft SmartScreen

Boston, MA- December 4, 2014- GMO GlobalSign, Inc. ( www.globalsign.com ), a leading global Certificate Authority (CA) and a provider of identity and security services for commerce, communications, content and communities, today announced it will begin offering Extended Validation (EV) Code Signing Certificates. EV Code Signing Certificates build on the existing benefits of standard Code Signing Certificates to provide stronger reassurance to end users that the publisher is correct and has been verified.

Like standard Code Signing, EV Code Signing allows developers to digitally sign the applications and software they distribute over the Internet. The difference entails stronger levels of assurance and key protection adhering to strict guidelines set by the CA/Browser Forum and Microsoft Corp. Security enhancement for EV Code Signing include:

  • Expanded Identity Verification: In addition to the publisher’s name, which is verified for standard Code Signing Certificates, other information about the publisher, such as physical address and type of organization, are validated. This thorough verification process makes it much more difficult for distributors of malware to impersonate and obtain a code signing credential to use for signing and distributing malware under the guise of legitimate development company.

  • Two-factor authentication: While regular Code Signing Certificates can reside locally on a developer’s machine, EV Code Signing Certificates must be stored on cryptographic tokens. Using physical two-factor authentication reduces the risk that the certificate can be stolen or copied and used to distribute malicious software under the identity of the actual certificate holder.

“Now more than ever, the Internet needs safeguards in place to help reassure end users that the software they are downloading is safe,” said Lila Kee, chief product officer, GlobalSign. “Malware distributors have become increasingly savvy with new ways to circumvent browsers and operating system installers using falsified or stolen signing certificates. GlobalSign is adding EV Code Signing Certificates to its portfolio to ensure our customers and developers alike have availability to the strongest authentication and security practices out in the market today to protect not only their code, but also their identity and reputation.”

Through its collaboration with Microsoft, GlobalSign EV Code Signing Certificates offer additional benefits to developers who distribute code for Windows 8 and Internet Explorer versions 9.0 and above. Microsoft SmartScreen uses information about an application’s reputation to warn end users if the application isn’t well known and might be malicious. Using an EV Code Signing Certificate establishes immediate reputation with SmartScreen, so no alarming warning messages will be presented to the downloader.

“We are pleased to continue to support the certificate authority industry’s introduction of Extended Validation Code Signing Certificates as a step forward to help ensure developer identity, code signing security and user safety,” said John Scarrow, General Manager of Safety Services, Microsoft. “These certificates provide deep verification of developer identity and, in addition, require a hardware element to further secure the code signing process. Given these advances, EV-signed applications can immediately establish reputation with Microsoft SmartScreen Application Reputation services.”

GlobalSign EV Code Signing certificates start at $410 for a one year certificate and are available at https://www.globalsign.com/en/code-signing/ev-code-signing/.  A GlobalSign-furnished USB token is included and discounts are available for multi-year certificates.

For additional information about GlobalSign Code Signing certificates, please visit https://www.globalsign.com/en/code-signing-certificate/

About GMO GlobalSign

GlobalSign, founded in 1996, is a provider of identity services for the Internet of Everything (IoE), mediating trust to enable safe commerce, communications, content delivery and community interactions for billions of online transactions occurring around the world at every moment.  Its identity and access management portfolio includes access control, single sign-on (SSO), federation and delegation services to help organizations and service providers create new business models for customer and partner interactions.  GlobalSign’s core digital certificate solutions allow its thousands of authenticated customers to conduct SSL secured transactions, data transfer, distribution of tamper-proof code, and protection of online identities for secure email and access control.  GlobalSign’s solutions are designed to address the massive scalability demanded by the emerging $14.4 trillion IoE market, where the ability to make secure networked connections among people, processes, data and things, will require that every “thing” have a trusted identity that can be managed. The company has offices in the U.S., Europe and throughout Asia.  For the latest news on GlobalSign, visit www.globalsign.com or follow GlobalSign on Twitter (@globalsign ).

GMO Internet Group

GMO Cloud K.K. (TSE: 3788) is a full-service IT infrastructure provider focused on cloud solutions. Established as a hosting company in 1996, the company has managed servers for more than 130,000 businesses and now has 6,000 sales partners throughout Japan. In February of 2011, the company launched GMO Cloud to enhance its focus on cloud-based solutions. Since 2007, the company has also grown its GlobalSign SSL security brand through offices in Belgium, U.K., U.S., China and Singapore. GMO Cloud K.K. is part of the GMO Internet Group, an Internet services industry leader, developing and operating Japan’s most widely used domain, hosting & cloud, ecommerce, security, and payment solutions. The Group also comprises the world’s largest online FX trading platform, as well as online advertising, Internet media, and mobile entertainment products. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan.  For more information please visit http://ir.gmocloud.com/english/ .

For further details please contact:

Mary Kae Marinac PR Representative for GlobalSign
MKM Corporate Communications
Phone 978-685-3136
mkm@mkmarinac.com

Press & Analyst Relations
GlobalSign
+603-570-7060 / 1-877-775-4562
press@globalsign.com

Share this article

Back to GlobalSign Newsroom

Media Relations

For further information on GlobalSign press releases,
events or for media enquires please contact:

Janine Marchi
Communications Manager
Call: 603-570-7060
Email: press@globalsign.com