A new generation of code signing certificate that allows developers and software companies to add a digital signature to an application distributed over the Internet and increase the security of certificate use. Any change in the signed application code is detected and the application will become untrustworthy. The new generation of Code Signing certificates secures code signing by using a hardware token, making certificate theft or misuse impossible.
- Pricefrom $630
- Validity1-3 years
- Secures Desktop and smartphone apps
- Compatible w/all major browsers
- Public key algorithm RSA
- Symmetric encryption256 bit
- Public key length2.048 (3.072/4.096) bits
- Root CADigiCert Global Root
- Money-back guarantee30 days
- Certificate reissuefree and unlimited
- Multi-domain support (SAN)N/A
- Private key on tokenYES
Recommended certificate use
The certificate is used by leading software companies which, besides the digital signature of their application, require the highest digital signing security. A new generation of Code Signing certificates is useful when hackers would compromise your application authenticity and spread malware instead of genuine software.
What does Extended Signature (EV) signing for Code Signing mean?
Many of the large and well-known software manufacturers face hackers’ attempts to exploit their applications and spread malicious code under their name. A common problem is Code Signing certificate theft along with its private key. Then the hacker gets the chance to sign his malicious code with the manufacturer's certificate and gain end users’ trust.
The next-generation Code Signing EV certificate brings you the possibility to sign the code using a hardware token, which increases the certificate’s security to a new level. You do not need to worry about certificate misuse, even when a hacker steals the token; he could not use it. Theft of a private key usually means a certificate’s complete compromise, but not in the case of Code Signing EV certificates.
Code Signing EV guarantees you 100% trust in the SmartScreen Filter, which is a part of Windows. A common signature could be untrustworthy because SmartScreen assesses the signature's credibility by many other criteria. With the Code Signing EV certificate you can be sure that this does not happen.
Importance of EV Code Signing for Apps
The EV code signature is a revolutionary innovation for all application developers. The signature helps users trust applications and prevents the program from being blocked by the Windows Smartscreen Filter .
An application signed with EV Code Signing will never be blocked by SmartScreen.
Even if SmartScreen does not know the application, it could not be blocked. SmartScreen is able to block an application signed with a common Code Signing certificate if it does not have a good reputation and many downloads.
The second big advantage is a higher security of use. The certificate and its private key are stored on the HW token that you receive from the certification authority.
Storing keys on the HW token protects the certificate from misuse . You do not have to keep it on your computer and risk its theft. Both the certificate and the private key are stored on the HW token and you need a password to use it. Any thief would have to steal not only the HW token physically, but also know your password to use it.
You need the HW token every time you make a signature. When signing the application, the HW token service application asks for the password to unlock the private key and your application will be signed. You do not have to store the certificate on your computer and even if the token is stolen, the private key is password protected and the token will be blocked if the wrong password is given several times. This prevents the password from being broken by a dictionary attack.
Code Signing EV certificate and its signature delivers greater security of use, trusted signature, and protect certificate owner against theft and misuse of the certificate.The Code Signing EV certificate delivers greater security of use, a trusted signature, and protect certificate owner against theft and misuse of the certificate.