HID Global has expanded its digital certificate family to offer an Extended Validation (EV) Code Signing (EV CS) certificate that protects software from tampering and forgery.
Customers who download software that has been digitally signed with the IdenTrust TrustID EV CS certificates can identify the source and launch its applications or other code without receiving an “Unknown Publisher” warning from the widely used Microsoft anti-phishing and anti-malware application filter.
“We have brought our expertise as the world’s most trusted digital certificate authority to the challenge of securing software code in today’s increasingly vulnerable digital world,” said Vishvas Patel, vice president and chief architect with HID Global, Identity and Access Management.
“Our IdenTrust code signing certificate identifies a software publisher at the highest level of assurance specified in industry standards and can be used to verify that desktop and mobile applications, firmware, drivers or other software code are being sent from an authenticated source and have not been altered by unauthorized parties.”
Each TrustID EV CS digital certificate is issued into a FIPS 140-2 Level 2-compliant HID Crescendo smartcard or USB Token that ensures publishers can only access it through a two-factor authentication process.
This also protects the private key from being exported, which provides additional assurance about who published the software code and eliminates the risk of tampering or unauthorized updates to the published software.
A free HID Global Timestamp Authority service further enhances the IdenTrust TrustID EV CS certificate offering by adding long-term validation of the digital signature’s integrity as well as non-repudiation even after the IdenTrust TrustID EV CS certificate has expired or been revoked.
HID IdenTrust TrustID EV CS certificates are only issued after a strict vetting and authentication process that instantly gives a software publisher a trusted reputation as defined by the Microsoft Smartscreen Application Reputation filtering system.
The process of establishing this reputation can take much longer when code is not signed with an EV CS certificate. Until the reputation is established, the filtering system will continue to flag an application as a potential source of malware infections the first time that customers launch it.
For more info, click here